]> Git Repo - qemu.git/blame - hw/scsi/scsi-disk.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
hw: edu: drop DO_UPCAST
[qemu.git] / hw / scsi / scsi-disk.c
CommitLineData
2e5d83bb
PB		 1/*
2 * SCSI Device emulation
3 *
4 * Copyright (c) 2006 CodeSourcery.
5 * Based on code by Fabrice Bellard
6 *
7 * Written by Paul Brook
ad3cea42
AT		 8 * Modifications:
9 * 2009-Dec-12 Artyom Tarasenko : implemented stamdard inquiry for the case
10 * when the allocation length of CDB is smaller
11 * than 36.
12 * 2009-Oct-13 Artyom Tarasenko : implemented the block descriptor in the
13 * MODE SENSE response.
2e5d83bb 14 *
8e31bf38 15 * This code is licensed under the LGPL.
a917d384
PB		 16 *
17 * Note that this file only handles the SCSI architecture model and device
1d4db89c
AZ		 18 * commands. Emulation of interface/link layer protocols is handled by
19 * the host adapter emulator.
2e5d83bb
PB		 20 */
21
22//#define DEBUG_SCSI
23
24#ifdef DEBUG_SCSI
001faf32
BS		 25#define DPRINTF(fmt, ...) \
26do { printf("scsi-disk: " fmt , ## __VA_ARGS__); } while (0)
2e5d83bb 27#else
001faf32 28#define DPRINTF(fmt, ...) do {} while(0)
2e5d83bb
PB		 29#endif
30
a4ab4792 31#include "qemu/osdep.h"
7e462605 32#include "qemu/units.h"
da34e65c 33#include "qapi/error.h"
1de7afc9 34#include "qemu/error-report.h"
0d09e41a 35#include "hw/scsi/scsi.h"
08e2c9f1 36#include "scsi/constants.h"
9c17d615 37#include "sysemu/sysemu.h"
4be74634 38#include "sysemu/block-backend.h"
9c17d615 39#include "sysemu/blockdev.h"
0d09e41a 40#include "hw/block/block.h"
9c17d615 41#include "sysemu/dma.h"
f348b6d1 42#include "qemu/cutils.h"
22864256 43
336a6915
PB		 44#ifdef __linux
45#include <scsi/sg.h>
46#endif
47
7e462605
PMD		 48#define SCSI_WRITE_SAME_MAX (512 * KiB)
49#define SCSI_DMA_BUF_SIZE (128 * KiB)
215e47b9
PB		 50#define SCSI_MAX_INQUIRY_LEN 256
51#define SCSI_MAX_MODE_LEN 256
52
7e462605
PMD		 53#define DEFAULT_DISCARD_GRANULARITY (4 * KiB)
54#define DEFAULT_MAX_UNMAP_SIZE (1 * GiB)
f8e1f533 55#define DEFAULT_MAX_IO_SIZE INT_MAX /* 2 GB - 1 block */
a917d384 56
993935f3
PB		 57#define TYPE_SCSI_DISK_BASE "scsi-disk-base"
58
fcaafb10
PB		 59#define SCSI_DISK_BASE(obj) \
60 OBJECT_CHECK(SCSIDiskState, (obj), TYPE_SCSI_DISK_BASE)
61#define SCSI_DISK_BASE_CLASS(klass) \
62 OBJECT_CLASS_CHECK(SCSIDiskClass, (klass), TYPE_SCSI_DISK_BASE)
63#define SCSI_DISK_BASE_GET_CLASS(obj) \
64 OBJECT_GET_CLASS(SCSIDiskClass, (obj), TYPE_SCSI_DISK_BASE)
65
66typedef struct SCSIDiskClass {
67 SCSIDeviceClass parent_class;
68 DMAIOFunc *dma_readv;
69 DMAIOFunc *dma_writev;
94f8ba11 70 bool (*need_fua_emulation)(SCSICommand *cmd);
fcaafb10 71} SCSIDiskClass;
d52affa7 72
4c41d2ef
GH		 73typedef struct SCSIDiskReq {
74 SCSIRequest req;
a917d384 75 /* Both sector and sector_count are in terms of qemu 512 byte blocks. */
e035b43d
AL		 76 uint64_t sector;
77 uint32_t sector_count;
7285477a 78 uint32_t buflen;
a0e66a69 79 bool started;
94f8ba11 80 bool need_fua_emulation;
c87c0672
AL		 81 struct iovec iov;
82 QEMUIOVector qiov;
a597e79c 83 BlockAcctCookie acct;
8fdc7839 84 unsigned char *status;
4c41d2ef 85} SCSIDiskReq;
a917d384 86
18e673b8
PH		 87#define SCSI_DISK_F_REMOVABLE 0
88#define SCSI_DISK_F_DPOFUA 1
89#define SCSI_DISK_F_NO_REMOVABLE_DEVOPS 2
bfe3d7ac 90
fcaafb10 91typedef struct SCSIDiskState
a917d384 92{
d52affa7 93 SCSIDevice qdev;
bfe3d7ac 94 uint32_t features;
8a9c16f6 95 bool media_changed;
3c2f7c12 96 bool media_event;
4480de19 97 bool eject_request;
64cc2284 98 uint16_t port_index;
8a1bd297 99 uint64_t max_unmap_size;
f8e1f533 100 uint64_t max_io_size;
213189ab 101 QEMUBH *bh;
383b4d9b 102 char *version;
a0fef654 103 char *serial;
353815aa
DF		 104 char *vendor;
105 char *product;
ece0d5e9 106 bool tray_open;
81b1008d 107 bool tray_locked;
070f8009
DB		 108 /*
109 * 0x0000 - rotation rate not reported
110 * 0x0001 - non-rotating medium (SSD)
111 * 0x0002-0x0400 - reserved
112 * 0x0401-0xffe - rotations per minute
113 * 0xffff - reserved
114 */
115 uint16_t rotation_rate;
fcaafb10 116} SCSIDiskState;
2e5d83bb 117
14b20748 118static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed);
5dba48a8 119
ad2d30f7 120static void scsi_free_request(SCSIRequest *req)
4d611c9a 121{
ad2d30f7
PB		 122 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
123
db4c34c3 124 qemu_vfree(r->iov.iov_base);
4d611c9a
PB		 125}
126
b45ef674
PB		 127/* Helper function for command completion with sense. */
128static void scsi_check_condition(SCSIDiskReq *r, SCSISense sense)
ed3a34a3 129{
02fa69b6
BS		 130 DPRINTF("Command complete tag=0x%x sense=%d/%d/%d\n",
131 r->req.tag, sense.key, sense.asc, sense.ascq);
b45ef674
PB		 132 scsi_req_build_sense(&r->req, sense);
133 scsi_req_complete(&r->req, CHECK_CONDITION);
4d611c9a
PB		 134}
135
03c90063 136static void scsi_init_iovec(SCSIDiskReq *r, size_t size)
103b40f5 137{
7285477a
PB		 138 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
139
140 if (!r->iov.iov_base) {
43b978b9 141 r->buflen = size;
4be74634 142 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 143 }
144 r->iov.iov_len = MIN(r->sector_count * 512, r->buflen);
103b40f5 145 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
103b40f5
PB		 146}
147
43b978b9
PB		 148static void scsi_disk_save_request(QEMUFile *f, SCSIRequest *req)
149{
150 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
151
152 qemu_put_be64s(f, &r->sector);
153 qemu_put_be32s(f, &r->sector_count);
154 qemu_put_be32s(f, &r->buflen);
18eef3bc
GH		 155 if (r->buflen) {
156 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
157 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
158 } else if (!req->retry) {
159 uint32_t len = r->iov.iov_len;
160 qemu_put_be32s(f, &len);
161 qemu_put_buffer(f, r->iov.iov_base, r->iov.iov_len);
162 }
43b978b9
PB		 163 }
164}
165
166static void scsi_disk_load_request(QEMUFile *f, SCSIRequest *req)
167{
168 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
169
170 qemu_get_be64s(f, &r->sector);
171 qemu_get_be32s(f, &r->sector_count);
172 qemu_get_be32s(f, &r->buflen);
173 if (r->buflen) {
174 scsi_init_iovec(r, r->buflen);
175 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
176 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
18eef3bc
GH		 177 } else if (!r->req.retry) {
178 uint32_t len;
179 qemu_get_be32s(f, &len);
180 r->iov.iov_len = len;
181 assert(r->iov.iov_len <= r->buflen);
182 qemu_get_buffer(f, r->iov.iov_base, r->iov.iov_len);
43b978b9
PB		 183 }
184 }
185
186 qemu_iovec_init_external(&r->qiov, &r->iov, 1);
187}
188
5b956f41
PB		 189static bool scsi_disk_req_check_error(SCSIDiskReq *r, int ret, bool acct_failed)
190{
191 if (r->req.io_canceled) {
192 scsi_req_cancel_complete(&r->req);
193 return true;
194 }
195
14b20748 196 if (ret < 0 || (r->status && *r->status)) {
5b956f41
PB		 197 return scsi_handle_rw_error(r, -ret, acct_failed);
198 }
199
200 return false;
201}
202
c1b35247 203static void scsi_aio_complete(void *opaque, int ret)
5d0d2467
PB		 204{
205 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
206 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
207
46e3f30e
PB		 208 assert(r->req.aiocb != NULL);
209 r->req.aiocb = NULL;
b9e413dd 210 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 211 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 212 goto done;
213 }
5d0d2467 214
d7628080 215 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
5d0d2467
PB		 216 scsi_req_complete(&r->req, GOOD);
217
218done:
b9e413dd 219 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
3df9caf8 220 scsi_req_unref(&r->req);
5d0d2467
PB		 221}
222
7e8c49c5
PB		 223static bool scsi_is_cmd_fua(SCSICommand *cmd)
224{
225 switch (cmd->buf[0]) {
226 case READ_10:
227 case READ_12:
228 case READ_16:
229 case WRITE_10:
230 case WRITE_12:
231 case WRITE_16:
232 return (cmd->buf[1] & 8) != 0;
233
7f64f8e2
PB		 234 case VERIFY_10:
235 case VERIFY_12:
236 case VERIFY_16:
7e8c49c5
PB		 237 case WRITE_VERIFY_10:
238 case WRITE_VERIFY_12:
239 case WRITE_VERIFY_16:
240 return true;
241
242 case READ_6:
243 case WRITE_6:
244 default:
245 return false;
246 }
247}
248
249static void scsi_write_do_fua(SCSIDiskReq *r)
250{
251 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
252
5fd2b563 253 assert(r->req.aiocb == NULL);
5b956f41 254 assert(!r->req.io_canceled);
0c92e0e6 255
94f8ba11 256 if (r->need_fua_emulation) {
4be74634 257 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 258 BLOCK_ACCT_FLUSH);
4be74634 259 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
7e8c49c5
PB		 260 return;
261 }
262
263 scsi_req_complete(&r->req, GOOD);
3df9caf8 264 scsi_req_unref(&r->req);
7e8c49c5
PB		 265}
266
5fd2b563 267static void scsi_dma_complete_noio(SCSIDiskReq *r, int ret)
a917d384 268{
5fd2b563 269 assert(r->req.aiocb == NULL);
5b956f41 270 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 271 goto done;
272 }
a597e79c 273
b77912a7
PB		 274 r->sector += r->sector_count;
275 r->sector_count = 0;
7e8c49c5
PB		 276 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
277 scsi_write_do_fua(r);
278 return;
279 } else {
280 scsi_req_complete(&r->req, GOOD);
281 }
c7bae6a7
PB		 282
283done:
3df9caf8 284 scsi_req_unref(&r->req);
4d611c9a
PB		 285}
286
ef8489d4
PB		 287static void scsi_dma_complete(void *opaque, int ret)
288{
289 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
5fd2b563 290 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ef8489d4
PB		 291
292 assert(r->req.aiocb != NULL);
5fd2b563
PB		 293 r->req.aiocb = NULL;
294
b9e413dd 295 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 296 if (ret < 0) {
297 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
298 } else {
299 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
300 }
5fd2b563 301 scsi_dma_complete_noio(r, ret);
b9e413dd 302 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
ef8489d4
PB		 303}
304
b77912a7 305static void scsi_read_complete(void * opaque, int ret)
0a4ac106
PB		 306{
307 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
308 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
b77912a7 309 int n;
0a4ac106 310
46e3f30e
PB		 311 assert(r->req.aiocb != NULL);
312 r->req.aiocb = NULL;
b9e413dd 313 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 314 if (scsi_disk_req_check_error(r, ret, true)) {
0c92e0e6
PB		 315 goto done;
316 }
0a4ac106 317
d7628080 318 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
b77912a7
PB		 319 DPRINTF("Data ready tag=0x%x len=%zd\n", r->req.tag, r->qiov.size);
320
321 n = r->qiov.size / 512;
322 r->sector += n;
323 r->sector_count -= n;
324 scsi_req_data(&r->req, r->qiov.size);
c7bae6a7
PB		 325
326done:
3df9caf8 327 scsi_req_unref(&r->req);
b9e413dd 328 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
0a4ac106 329}
5dba48a8 330
ac668426 331/* Actually issue a read to the block device. */
5fd2b563 332static void scsi_do_read(SCSIDiskReq *r, int ret)
ac668426 333{
ac668426 334 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 335 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ac668426 336
5fd2b563 337 assert (r->req.aiocb == NULL);
5b956f41 338 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 339 goto done;
340 }
ac668426 341
31e8fd86
PB		 342 /* The request is used as the AIO opaque value, so add a ref. */
343 scsi_req_ref(&r->req);
344
ac668426 345 if (r->req.sg) {
4be74634 346 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_READ);
ac668426 347 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 348 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
349 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 350 BDRV_SECTOR_SIZE,
fcaafb10
PB		 351 sdc->dma_readv, r, scsi_dma_complete, r,
352 DMA_DIRECTION_FROM_DEVICE);
ac668426 353 } else {
03c90063 354 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
4be74634 355 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 356 r->qiov.size, BLOCK_ACCT_READ);
890e48d7 357 r->req.aiocb = sdc->dma_readv(r->sector << BDRV_SECTOR_BITS, &r->qiov,
fcaafb10 358 scsi_read_complete, r, r);
ac668426
PB		 359 }
360
361done:
3df9caf8 362 scsi_req_unref(&r->req);
ac668426
PB		 363}
364
5fd2b563
PB		 365static void scsi_do_read_cb(void *opaque, int ret)
366{
367 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
368 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
369
370 assert (r->req.aiocb != NULL);
371 r->req.aiocb = NULL;
372
b9e413dd 373 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 374 if (ret < 0) {
375 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
376 } else {
377 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
378 }
5fd2b563 379 scsi_do_read(opaque, ret);
b9e413dd 380 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 381}
382
5c6c0e51
HR		 383/* Read more data from scsi device into buffer. */
384static void scsi_read_data(SCSIRequest *req)
2e5d83bb 385{
5c6c0e51 386 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
5dba48a8 387 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ac668426 388 bool first;
2e5d83bb 389
a917d384
PB		 390 DPRINTF("Read sector_count=%d\n", r->sector_count);
391 if (r->sector_count == 0) {
b45ef674
PB		 392 /* This also clears the sense buffer for REQUEST SENSE. */
393 scsi_req_complete(&r->req, GOOD);
a917d384 394 return;
2e5d83bb
PB		 395 }
396
6fa2c95f
SH		 397 /* No data transfer may already be in progress */
398 assert(r->req.aiocb == NULL);
399
c7bae6a7
PB		 400 /* The request is used as the AIO opaque value, so add a ref. */
401 scsi_req_ref(&r->req);
efb9ee02
HR		 402 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
403 DPRINTF("Data transfer direction invalid\n");
404 scsi_read_complete(r, -EINVAL);
405 return;
406 }
407
cd723b85 408 if (!blk_is_available(req->dev->conf.blk)) {
a1aff5bf 409 scsi_read_complete(r, -ENOMEDIUM);
c7bae6a7 410 return;
a1aff5bf 411 }
c7bae6a7 412
ac668426 413 first = !r->started;
a0e66a69 414 r->started = true;
94f8ba11 415 if (first && r->need_fua_emulation) {
4be74634 416 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 417 BLOCK_ACCT_FLUSH);
5fd2b563 418 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_do_read_cb, r);
5d0d2467 419 } else {
ac668426 420 scsi_do_read(r, 0);
5d0d2467 421 }
2e5d83bb
PB		 422}
423
c7bae6a7 424/*
14b20748
FZ		 425 * scsi_handle_rw_error has two return values. False means that the error
426 * must be ignored, true means that the error has been processed and the
c7bae6a7
PB		 427 * caller should not do anything else for this request. Note that
428 * scsi_handle_rw_error always manages its reference counts, independent
429 * of the return value.
430 */
14b20748 431static bool scsi_handle_rw_error(SCSIDiskReq *r, int error, bool acct_failed)
5dba48a8 432{
c85a7a00 433 bool is_read = (r->req.cmd.mode == SCSI_XFER_FROM_DEV);
4c41d2ef 434 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
4be74634
MA		 435 BlockErrorAction action = blk_get_error_action(s->qdev.conf.blk,
436 is_read, error);
ea8a5d7f 437
a589569f 438 if (action == BLOCK_ERROR_ACTION_REPORT) {
d7628080
AG		 439 if (acct_failed) {
440 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
441 }
efb9ee02 442 switch (error) {
14b20748
FZ		 443 case 0:
444 /* The command has run, no need to fake sense. */
445 assert(r->status && *r->status);
446 scsi_req_complete(&r->req, *r->status);
447 break;
7e218df5
PB		 448 case ENOMEDIUM:
449 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
450 break;
efb9ee02 451 case ENOMEM:
b45ef674 452 scsi_check_condition(r, SENSE_CODE(TARGET_FAILURE));
efb9ee02
HR		 453 break;
454 case EINVAL:
b45ef674 455 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
efb9ee02 456 break;
703dd81a
PB		 457 case ENOSPC:
458 scsi_check_condition(r, SENSE_CODE(SPACE_ALLOC_FAILED));
459 break;
efb9ee02 460 default:
b45ef674 461 scsi_check_condition(r, SENSE_CODE(IO_ERROR));
efb9ee02 462 break;
a1f0cce2 463 }
ea8a5d7f 464 }
14b20748
FZ		 465 if (!error) {
466 assert(r->status && *r->status);
467 error = scsi_sense_buf_to_errno(r->req.sense, sizeof(r->req.sense));
468
469 if (error == ECANCELED || error == EAGAIN || error == ENOTCONN ||
470 error == 0) {
471 /* These errors are handled by guest. */
472 scsi_req_complete(&r->req, *r->status);
473 return true;
474 }
475 }
476
4be74634 477 blk_error_action(s->qdev.conf.blk, action, is_read, error);
a589569f 478 if (action == BLOCK_ERROR_ACTION_STOP) {
3e1caa5f
PB		 479 scsi_req_retry(&r->req);
480 }
a589569f 481 return action != BLOCK_ERROR_ACTION_IGNORE;
ea8a5d7f
AL		 482}
483
5fd2b563 484static void scsi_write_complete_noio(SCSIDiskReq *r, int ret)
4d611c9a 485{
ea8a5d7f
AL		 486 uint32_t n;
487
5fd2b563 488 assert (r->req.aiocb == NULL);
5b956f41 489 if (scsi_disk_req_check_error(r, ret, false)) {
0c92e0e6
PB		 490 goto done;
491 }
a597e79c 492
103b40f5 493 n = r->qiov.size / 512;
ea8a5d7f
AL		 494 r->sector += n;
495 r->sector_count -= n;
a917d384 496 if (r->sector_count == 0) {
7e8c49c5
PB		 497 scsi_write_do_fua(r);
498 return;
a917d384 499 } else {
43b978b9 500 scsi_init_iovec(r, SCSI_DMA_BUF_SIZE);
79fb50bb 501 DPRINTF("Write complete tag=0x%x more=%zd\n", r->req.tag, r->qiov.size);
103b40f5 502 scsi_req_data(&r->req, r->qiov.size);
4d611c9a 503 }
c7bae6a7
PB		 504
505done:
3df9caf8 506 scsi_req_unref(&r->req);
4d611c9a
PB		 507}
508
5fd2b563
PB		 509static void scsi_write_complete(void * opaque, int ret)
510{
511 SCSIDiskReq *r = (SCSIDiskReq *)opaque;
512 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
513
514 assert (r->req.aiocb != NULL);
515 r->req.aiocb = NULL;
516
b9e413dd 517 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
d7628080
AG		 518 if (ret < 0) {
519 block_acct_failed(blk_get_stats(s->qdev.conf.blk), &r->acct);
520 } else {
521 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
522 }
5fd2b563 523 scsi_write_complete_noio(r, ret);
b9e413dd 524 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 525}
526
42741212 527static void scsi_write_data(SCSIRequest *req)
ea8a5d7f 528{
5c6c0e51 529 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
4c41d2ef 530 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
fcaafb10 531 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
ea8a5d7f 532
6fa2c95f
SH		 533 /* No data transfer may already be in progress */
534 assert(r->req.aiocb == NULL);
535
c7bae6a7
PB		 536 /* The request is used as the AIO opaque value, so add a ref. */
537 scsi_req_ref(&r->req);
efb9ee02
HR		 538 if (r->req.cmd.mode != SCSI_XFER_TO_DEV) {
539 DPRINTF("Data transfer direction invalid\n");
5fd2b563 540 scsi_write_complete_noio(r, -EINVAL);
42741212 541 return;
efb9ee02
HR		 542 }
543
5d0d2467
PB		 544 if (!r->req.sg && !r->qiov.size) {
545 /* Called for the first time. Ask the driver to send us more data. */
a0e66a69 546 r->started = true;
5fd2b563 547 scsi_write_complete_noio(r, 0);
5d0d2467
PB		 548 return;
549 }
cd723b85 550 if (!blk_is_available(req->dev->conf.blk)) {
5fd2b563 551 scsi_write_complete_noio(r, -ENOMEDIUM);
5d0d2467
PB		 552 return;
553 }
554
7f64f8e2
PB		 555 if (r->req.cmd.buf[0] == VERIFY_10 || r->req.cmd.buf[0] == VERIFY_12 ||
556 r->req.cmd.buf[0] == VERIFY_16) {
557 if (r->req.sg) {
ef8489d4 558 scsi_dma_complete_noio(r, 0);
7f64f8e2 559 } else {
5fd2b563 560 scsi_write_complete_noio(r, 0);
7f64f8e2
PB		 561 }
562 return;
563 }
564
5d0d2467 565 if (r->req.sg) {
4be74634 566 dma_acct_start(s->qdev.conf.blk, &r->acct, r->req.sg, BLOCK_ACCT_WRITE);
5d0d2467 567 r->req.resid -= r->req.sg->size;
fcaafb10
PB		 568 r->req.aiocb = dma_blk_io(blk_get_aio_context(s->qdev.conf.blk),
569 r->req.sg, r->sector << BDRV_SECTOR_BITS,
99868af3 570 BDRV_SECTOR_SIZE,
fcaafb10
PB		 571 sdc->dma_writev, r, scsi_dma_complete, r,
572 DMA_DIRECTION_TO_DEVICE);
5d0d2467 573 } else {
4be74634 574 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
03c90063 575 r->qiov.size, BLOCK_ACCT_WRITE);
fcaafb10
PB		 576 r->req.aiocb = sdc->dma_writev(r->sector << BDRV_SECTOR_BITS, &r->qiov,
577 scsi_write_complete, r, r);
ea8a5d7f 578 }
a917d384 579}
2e5d83bb 580
a917d384 581/* Return a pointer to the data buffer. */
5c6c0e51 582static uint8_t *scsi_get_buf(SCSIRequest *req)
a917d384 583{
5c6c0e51 584 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2e5d83bb 585
3f4cb3d3 586 return (uint8_t *)r->iov.iov_base;
2e5d83bb
PB		 587}
588
0a96ca24 589int scsi_disk_emulate_vpd_page(SCSIRequest *req, uint8_t *outbuf)
0b06c059 590{
383b4d9b 591 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
0a96ca24
DHB		 592 uint8_t page_code = req->cmd.buf[2];
593 int start, buflen = 0;
0b06c059 594
0a96ca24
DHB		 595 outbuf[buflen++] = s->qdev.type & 0x1f;
596 outbuf[buflen++] = page_code;
597 outbuf[buflen++] = 0x00;
598 outbuf[buflen++] = 0x00;
599 start = buflen;
3e1c0c9a 600
0a96ca24
DHB		 601 switch (page_code) {
602 case 0x00: /* Supported page codes, mandatory */
603 {
604 DPRINTF("Inquiry EVPD[Supported pages] "
605 "buffer size %zd\n", req->cmd.xfer);
606 outbuf[buflen++] = 0x00; /* list of supported pages (this page) */
607 if (s->serial) {
608 outbuf[buflen++] = 0x80; /* unit serial number */
609 }
610 outbuf[buflen++] = 0x83; /* device identification */
611 if (s->qdev.type == TYPE_DISK) {
612 outbuf[buflen++] = 0xb0; /* block limits */
613 outbuf[buflen++] = 0xb1; /* block device characteristics */
614 outbuf[buflen++] = 0xb2; /* thin provisioning */
615 }
616 break;
617 }
618 case 0x80: /* Device serial number, optional */
619 {
620 int l;
0b06c059 621
0a96ca24
DHB		 622 if (!s->serial) {
623 DPRINTF("Inquiry (EVPD[Serial number] not supported\n");
624 return -1;
0b06c059
GH		 625 }
626
0a96ca24
DHB		 627 l = strlen(s->serial);
628 if (l > 36) {
629 l = 36;
630 }
0b06c059 631
0a96ca24
DHB		 632 DPRINTF("Inquiry EVPD[Serial number] "
633 "buffer size %zd\n", req->cmd.xfer);
634 memcpy(outbuf + buflen, s->serial, l);
635 buflen += l;
636 break;
637 }
64cc2284 638
0a96ca24
DHB		 639 case 0x83: /* Device identification page, mandatory */
640 {
641 const char *str = s->serial ?: blk_name(s->qdev.conf.blk);
642 int max_len = s->serial ? 20 : 255 - 8;
643 int id_len = strlen(str);
64cc2284 644
0a96ca24
DHB		 645 if (id_len > max_len) {
646 id_len = max_len;
0b06c059 647 }
0a96ca24
DHB		 648 DPRINTF("Inquiry EVPD[Device identification] "
649 "buffer size %zd\n", req->cmd.xfer);
650
651 outbuf[buflen++] = 0x2; /* ASCII */
652 outbuf[buflen++] = 0; /* not officially assigned */
653 outbuf[buflen++] = 0; /* reserved */
654 outbuf[buflen++] = id_len; /* length of data following */
655 memcpy(outbuf + buflen, str, id_len);
656 buflen += id_len;
657
658 if (s->qdev.wwn) {
659 outbuf[buflen++] = 0x1; /* Binary */
660 outbuf[buflen++] = 0x3; /* NAA */
661 outbuf[buflen++] = 0; /* reserved */
662 outbuf[buflen++] = 8;
663 stq_be_p(&outbuf[buflen], s->qdev.wwn);
664 buflen += 8;
ea3bd56f 665 }
0a96ca24
DHB		 666
667 if (s->qdev.port_wwn) {
668 outbuf[buflen++] = 0x61; /* SAS / Binary */
669 outbuf[buflen++] = 0x93; /* PIV / Target port / NAA */
670 outbuf[buflen++] = 0; /* reserved */
671 outbuf[buflen++] = 8;
672 stq_be_p(&outbuf[buflen], s->qdev.port_wwn);
673 buflen += 8;
070f8009 674 }
0a96ca24
DHB		 675
676 if (s->port_index) {
677 outbuf[buflen++] = 0x61; /* SAS / Binary */
678
679 /* PIV/Target port/relative target port */
680 outbuf[buflen++] = 0x94;
681
682 outbuf[buflen++] = 0; /* reserved */
683 outbuf[buflen++] = 4;
684 stw_be_p(&outbuf[buflen + 2], s->port_index);
685 buflen += 4;
ee3659e3 686 }
0a96ca24
DHB		 687 break;
688 }
689 case 0xb0: /* block limits */
690 {
691 unsigned int unmap_sectors =
692 s->qdev.conf.discard_granularity / s->qdev.blocksize;
693 unsigned int min_io_size =
694 s->qdev.conf.min_io_size / s->qdev.blocksize;
695 unsigned int opt_io_size =
696 s->qdev.conf.opt_io_size / s->qdev.blocksize;
697 unsigned int max_unmap_sectors =
698 s->max_unmap_size / s->qdev.blocksize;
699 unsigned int max_io_sectors =
700 s->max_io_size / s->qdev.blocksize;
701
702 if (s->qdev.type == TYPE_ROM) {
703 DPRINTF("Inquiry (EVPD[%02X] not supported for CDROM\n",
704 page_code);
0b06c059
GH		 705 return -1;
706 }
0a96ca24
DHB		 707 if (s->qdev.type == TYPE_DISK) {
708 int max_transfer_blk = blk_get_max_transfer(s->qdev.conf.blk);
709 int max_io_sectors_blk =
710 max_transfer_blk / s->qdev.blocksize;
711
712 max_io_sectors =
713 MIN_NON_ZERO(max_io_sectors_blk, max_io_sectors);
714
715 /* min_io_size and opt_io_size can't be greater than
716 * max_io_sectors */
717 if (min_io_size) {
718 min_io_size = MIN(min_io_size, max_io_sectors);
719 }
720 if (opt_io_size) {
721 opt_io_size = MIN(opt_io_size, max_io_sectors);
722 }
723 }
724 /* required VPD size with unmap support */
725 buflen = 0x40;
726 memset(outbuf + 4, 0, buflen - 4);
727
728 outbuf[4] = 0x1; /* wsnz */
729
730 /* optimal transfer length granularity */
731 outbuf[6] = (min_io_size >> 8) & 0xff;
732 outbuf[7] = min_io_size & 0xff;
733
734 /* maximum transfer length */
735 outbuf[8] = (max_io_sectors >> 24) & 0xff;
736 outbuf[9] = (max_io_sectors >> 16) & 0xff;
737 outbuf[10] = (max_io_sectors >> 8) & 0xff;
738 outbuf[11] = max_io_sectors & 0xff;
739
740 /* optimal transfer length */
741 outbuf[12] = (opt_io_size >> 24) & 0xff;
742 outbuf[13] = (opt_io_size >> 16) & 0xff;
743 outbuf[14] = (opt_io_size >> 8) & 0xff;
744 outbuf[15] = opt_io_size & 0xff;
745
746 /* max unmap LBA count, default is 1GB */
747 outbuf[20] = (max_unmap_sectors >> 24) & 0xff;
748 outbuf[21] = (max_unmap_sectors >> 16) & 0xff;
749 outbuf[22] = (max_unmap_sectors >> 8) & 0xff;
750 outbuf[23] = max_unmap_sectors & 0xff;
751
752 /* max unmap descriptors, 255 fit in 4 kb with an 8-byte header */
753 outbuf[24] = 0;
754 outbuf[25] = 0;
755 outbuf[26] = 0;
756 outbuf[27] = 255;
757
758 /* optimal unmap granularity */
759 outbuf[28] = (unmap_sectors >> 24) & 0xff;
760 outbuf[29] = (unmap_sectors >> 16) & 0xff;
761 outbuf[30] = (unmap_sectors >> 8) & 0xff;
762 outbuf[31] = unmap_sectors & 0xff;
763
764 /* max write same size */
765 outbuf[36] = 0;
766 outbuf[37] = 0;
767 outbuf[38] = 0;
768 outbuf[39] = 0;
769
770 outbuf[40] = (max_io_sectors >> 24) & 0xff;
771 outbuf[41] = (max_io_sectors >> 16) & 0xff;
772 outbuf[42] = (max_io_sectors >> 8) & 0xff;
773 outbuf[43] = max_io_sectors & 0xff;
774 break;
775 }
776 case 0xb1: /* block device characteristics */
777 {
740842c9 778 buflen = 0x40;
0a96ca24
DHB		 779 outbuf[4] = (s->rotation_rate >> 8) & 0xff;
780 outbuf[5] = s->rotation_rate & 0xff;
740842c9
DHB		 781 outbuf[6] = 0; /* PRODUCT TYPE */
782 outbuf[7] = 0; /* WABEREQ | WACEREQ | NOMINAL FORM FACTOR */
783 outbuf[8] = 0; /* VBULS */
0a96ca24
DHB		 784 break;
785 }
786 case 0xb2: /* thin provisioning */
787 {
788 buflen = 8;
789 outbuf[4] = 0;
790 outbuf[5] = 0xe0; /* unmap & write_same 10/16 all supported */
791 outbuf[6] = s->qdev.conf.discard_granularity ? 2 : 1;
792 outbuf[7] = 0;
793 break;
794 }
795 default:
796 return -1;
797 }
798 /* done with EVPD */
799 assert(buflen - start <= 255);
800 outbuf[start - 1] = buflen - start;
801 return buflen;
802}
803
804static int scsi_disk_emulate_inquiry(SCSIRequest *req, uint8_t *outbuf)
805{
806 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
807 int buflen = 0;
808
809 if (req->cmd.buf[1] & 0x1) {
810 /* Vital product data */
811 return scsi_disk_emulate_vpd_page(req, outbuf);
0b06c059
GH		 812 }
813
814 /* Standard INQUIRY data */
815 if (req->cmd.buf[2] != 0) {
0b06c059
GH		 816 return -1;
817 }
818
819 /* PAGE CODE == 0 */
0b06c059 820 buflen = req->cmd.xfer;
f01b5931 821 if (buflen > SCSI_MAX_INQUIRY_LEN) {
0b06c059 822 buflen = SCSI_MAX_INQUIRY_LEN;
f01b5931 823 }
0b06c059 824
f37bd73b 825 outbuf[0] = s->qdev.type & 0x1f;
bfe3d7ac 826 outbuf[1] = (s->features & (1 << SCSI_DISK_F_REMOVABLE)) ? 0x80 : 0;
353815aa
DF		 827
828 strpadcpy((char *) &outbuf[16], 16, s->product, ' ');
829 strpadcpy((char *) &outbuf[8], 8, s->vendor, ' ');
830
314b1811 831 memset(&outbuf[32], 0, 4);
552fee93 832 memcpy(&outbuf[32], s->version, MIN(4, strlen(s->version)));
99aba0c4
CH		 833 /*
834 * We claim conformance to SPC-3, which is required for guests
835 * to ask for modern features like READ CAPACITY(16) or the
836 * block characteristics VPD page by default. Not all of SPC-3
837 * is actually implemented, but we're good enough.
838 */
2343be0d 839 outbuf[2] = s->qdev.default_scsi_version;
1109c894 840 outbuf[3] = 2 | 0x10; /* Format 2, HiSup */
ad3cea42
AT		 841
842 if (buflen > 36) {
843 outbuf[4] = buflen - 5; /* Additional Length = (Len - 1) - 4 */
844 } else {
845 /* If the allocation length of CDB is too small,
846 the additional length is not adjusted */
847 outbuf[4] = 36 - 5;
848 }
849
0b06c059 850 /* Sync data transfer and TCQ. */
afd4030c 851 outbuf[7] = 0x10 | (req->bus->info->tcq ? 0x02 : 0);
0b06c059
GH		 852 return buflen;
853}
854
430ee2f2
PB		 855static inline bool media_is_dvd(SCSIDiskState *s)
856{
857 uint64_t nb_sectors;
858 if (s->qdev.type != TYPE_ROM) {
859 return false;
860 }
cd723b85 861 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 862 return false;
863 }
4be74634 864 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
430ee2f2
PB		 865 return nb_sectors > CD_MAX_SECTORS;
866}
867
ceb792ef
PB		 868static inline bool media_is_cd(SCSIDiskState *s)
869{
870 uint64_t nb_sectors;
871 if (s->qdev.type != TYPE_ROM) {
872 return false;
873 }
cd723b85 874 if (!blk_is_available(s->qdev.conf.blk)) {
7d99f4c1
MR		 875 return false;
876 }
4be74634 877 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 878 return nb_sectors <= CD_MAX_SECTORS;
879}
880
1a4f0c3a
PB		 881static int scsi_read_disc_information(SCSIDiskState *s, SCSIDiskReq *r,
882 uint8_t *outbuf)
883{
884 uint8_t type = r->req.cmd.buf[1] & 7;
885
886 if (s->qdev.type != TYPE_ROM) {
887 return -1;
888 }
889
890 /* Types 1/2 are only defined for Blu-Ray. */
891 if (type != 0) {
892 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
893 return -1;
894 }
895
896 memset(outbuf, 0, 34);
897 outbuf[1] = 32;
898 outbuf[2] = 0xe; /* last session complete, disc finalized */
899 outbuf[3] = 1; /* first track on disc */
900 outbuf[4] = 1; /* # of sessions */
901 outbuf[5] = 1; /* first track of last session */
902 outbuf[6] = 1; /* last track of last session */
903 outbuf[7] = 0x20; /* unrestricted use */
904 outbuf[8] = 0x00; /* CD-ROM or DVD-ROM */
905 /* 9-10-11: most significant byte corresponding bytes 4-5-6 */
906 /* 12-23: not meaningful for CD-ROM or DVD-ROM */
907 /* 24-31: disc bar code */
908 /* 32: disc application code */
909 /* 33: number of OPC tables */
910
911 return 34;
912}
913
b6c251ab
PB		 914static int scsi_read_dvd_structure(SCSIDiskState *s, SCSIDiskReq *r,
915 uint8_t *outbuf)
916{
ceb792ef
PB		 917 static const int rds_caps_size[5] = {
918 [0] = 2048 + 4,
919 [1] = 4 + 4,
920 [3] = 188 + 4,
921 [4] = 2048 + 4,
922 };
923
924 uint8_t media = r->req.cmd.buf[1];
925 uint8_t layer = r->req.cmd.buf[6];
926 uint8_t format = r->req.cmd.buf[7];
927 int size = -1;
928
929 if (s->qdev.type != TYPE_ROM) {
930 return -1;
931 }
932 if (media != 0) {
933 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
934 return -1;
935 }
936
937 if (format != 0xff) {
cd723b85 938 if (!blk_is_available(s->qdev.conf.blk)) {
ceb792ef
PB		 939 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
940 return -1;
941 }
942 if (media_is_cd(s)) {
943 scsi_check_condition(r, SENSE_CODE(INCOMPATIBLE_FORMAT));
944 return -1;
945 }
946 if (format >= ARRAY_SIZE(rds_caps_size)) {
947 return -1;
948 }
949 size = rds_caps_size[format];
950 memset(outbuf, 0, size);
951 }
952
953 switch (format) {
954 case 0x00: {
955 /* Physical format information */
956 uint64_t nb_sectors;
957 if (layer != 0) {
958 goto fail;
959 }
4be74634 960 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
ceb792ef
PB		 961
962 outbuf[4] = 1; /* DVD-ROM, part version 1 */
963 outbuf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
964 outbuf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
965 outbuf[7] = 0; /* default densities */
966
967 stl_be_p(&outbuf[12], (nb_sectors >> 2) - 1); /* end sector */
968 stl_be_p(&outbuf[16], (nb_sectors >> 2) - 1); /* l0 end sector */
969 break;
970 }
971
972 case 0x01: /* DVD copyright information, all zeros */
973 break;
974
975 case 0x03: /* BCA information - invalid field for no BCA info */
976 return -1;
977
978 case 0x04: /* DVD disc manufacturing information, all zeros */
979 break;
980
981 case 0xff: { /* List capabilities */
982 int i;
983 size = 4;
984 for (i = 0; i < ARRAY_SIZE(rds_caps_size); i++) {
985 if (!rds_caps_size[i]) {
986 continue;
987 }
988 outbuf[size] = i;
989 outbuf[size + 1] = 0x40; /* Not writable, readable */
990 stw_be_p(&outbuf[size + 2], rds_caps_size[i]);
991 size += 4;
992 }
993 break;
994 }
995
996 default:
997 return -1;
998 }
999
1000 /* Size of buffer, not including 2 byte size field */
1001 stw_be_p(outbuf, size - 2);
1002 return size;
1003
1004fail:
b6c251ab
PB		 1005 return -1;
1006}
1007
3c2f7c12 1008static int scsi_event_status_media(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 1009{
3c2f7c12
PB		 1010 uint8_t event_code, media_status;
1011
1012 media_status = 0;
1013 if (s->tray_open) {
1014 media_status = MS_TRAY_OPEN;
4be74634 1015 } else if (blk_is_inserted(s->qdev.conf.blk)) {
3c2f7c12
PB		 1016 media_status = MS_MEDIA_PRESENT;
1017 }
1018
1019 /* Event notification descriptor */
1020 event_code = MEC_NO_CHANGE;
4480de19
PB		 1021 if (media_status != MS_TRAY_OPEN) {
1022 if (s->media_event) {
1023 event_code = MEC_NEW_MEDIA;
1024 s->media_event = false;
1025 } else if (s->eject_request) {
1026 event_code = MEC_EJECT_REQUESTED;
1027 s->eject_request = false;
1028 }
3c2f7c12
PB		 1029 }
1030
1031 outbuf[0] = event_code;
1032 outbuf[1] = media_status;
1033
1034 /* These fields are reserved, just clear them. */
1035 outbuf[2] = 0;
1036 outbuf[3] = 0;
1037 return 4;
1038}
1039
1040static int scsi_get_event_status_notification(SCSIDiskState *s, SCSIDiskReq *r,
1041 uint8_t *outbuf)
1042{
1043 int size;
1044 uint8_t *buf = r->req.cmd.buf;
1045 uint8_t notification_class_request = buf[4];
1046 if (s->qdev.type != TYPE_ROM) {
1047 return -1;
1048 }
1049 if ((buf[1] & 1) == 0) {
1050 /* asynchronous */
1051 return -1;
1052 }
1053
1054 size = 4;
1055 outbuf[0] = outbuf[1] = 0;
1056 outbuf[3] = 1 << GESN_MEDIA; /* supported events */
1057 if (notification_class_request & (1 << GESN_MEDIA)) {
1058 outbuf[2] = GESN_MEDIA;
1059 size += scsi_event_status_media(s, &outbuf[size]);
1060 } else {
1061 outbuf[2] = 0x80;
1062 }
1063 stw_be_p(outbuf, size - 4);
1064 return size;
b6c251ab
PB		 1065}
1066
430ee2f2 1067static int scsi_get_configuration(SCSIDiskState *s, uint8_t *outbuf)
b6c251ab 1068{
430ee2f2
PB		 1069 int current;
1070
b6c251ab
PB		 1071 if (s->qdev.type != TYPE_ROM) {
1072 return -1;
1073 }
7d99f4c1
MR		 1074
1075 if (media_is_dvd(s)) {
1076 current = MMC_PROFILE_DVD_ROM;
1077 } else if (media_is_cd(s)) {
1078 current = MMC_PROFILE_CD_ROM;
1079 } else {
1080 current = MMC_PROFILE_NONE;
1081 }
1082
430ee2f2
PB		 1083 memset(outbuf, 0, 40);
1084 stl_be_p(&outbuf[0], 36); /* Bytes after the data length field */
1085 stw_be_p(&outbuf[6], current);
1086 /* outbuf[8] - outbuf[19]: Feature 0 - Profile list */
1087 outbuf[10] = 0x03; /* persistent, current */
1088 outbuf[11] = 8; /* two profiles */
1089 stw_be_p(&outbuf[12], MMC_PROFILE_DVD_ROM);
1090 outbuf[14] = (current == MMC_PROFILE_DVD_ROM);
1091 stw_be_p(&outbuf[16], MMC_PROFILE_CD_ROM);
1092 outbuf[18] = (current == MMC_PROFILE_CD_ROM);
1093 /* outbuf[20] - outbuf[31]: Feature 1 - Core feature */
1094 stw_be_p(&outbuf[20], 1);
1095 outbuf[22] = 0x08 | 0x03; /* version 2, persistent, current */
1096 outbuf[23] = 8;
1097 stl_be_p(&outbuf[24], 1); /* SCSI */
1098 outbuf[28] = 1; /* DBE = 1, mandatory */
1099 /* outbuf[32] - outbuf[39]: Feature 3 - Removable media feature */
1100 stw_be_p(&outbuf[32], 3);
1101 outbuf[34] = 0x08 | 0x03; /* version 2, persistent, current */
1102 outbuf[35] = 4;
1103 outbuf[36] = 0x39; /* tray, load=1, eject=1, unlocked at powerup, lock=1 */
1104 /* TODO: Random readable, CD read, DVD read, drive serial number,
1105 power management */
1106 return 40;
b6c251ab
PB		 1107}
1108
1109static int scsi_emulate_mechanism_status(SCSIDiskState *s, uint8_t *outbuf)
1110{
1111 if (s->qdev.type != TYPE_ROM) {
1112 return -1;
1113 }
1114 memset(outbuf, 0, 8);
1115 outbuf[5] = 1; /* CD-ROM */
1116 return 8;
1117}
1118
cfc606da 1119static int mode_sense_page(SCSIDiskState *s, int page, uint8_t **p_outbuf,
282ab04e 1120 int page_control)
ebddfcbe 1121{
a8f4bbe2
PB		 1122 static const int mode_sense_valid[0x3f] = {
1123 [MODE_PAGE_HD_GEOMETRY] = (1 << TYPE_DISK),
1124 [MODE_PAGE_FLEXIBLE_DISK_GEOMETRY] = (1 << TYPE_DISK),
1125 [MODE_PAGE_CACHING] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
a07c7dcd
PB		 1126 [MODE_PAGE_R_W_ERROR] = (1 << TYPE_DISK) | (1 << TYPE_ROM),
1127 [MODE_PAGE_AUDIO_CTL] = (1 << TYPE_ROM),
a8f4bbe2
PB		 1128 [MODE_PAGE_CAPABILITIES] = (1 << TYPE_ROM),
1129 };
ef405611
PB		 1130
1131 uint8_t *p = *p_outbuf + 2;
1132 int length;
ebddfcbe 1133
a8f4bbe2
PB		 1134 if ((mode_sense_valid[page] & (1 << s->qdev.type)) == 0) {
1135 return -1;
1136 }
1137
282ab04e
BK		 1138 /*
1139 * If Changeable Values are requested, a mask denoting those mode parameters
1140 * that are changeable shall be returned. As we currently don't support
1141 * parameter changes via MODE_SELECT all bits are returned set to zero.
1142 * The buffer was already menset to zero by the caller of this function.
ef405611
PB		 1143 *
1144 * The offsets here are off by two compared to the descriptions in the
1145 * SCSI specs, because those include a 2-byte header. This is unfortunate,
1146 * but it is done so that offsets are consistent within our implementation
1147 * of MODE SENSE and MODE SELECT. MODE SELECT has to deal with both
1148 * 2-byte and 4-byte headers.
282ab04e 1149 */
ebddfcbe 1150 switch (page) {
67cc61e4 1151 case MODE_PAGE_HD_GEOMETRY:
ef405611 1152 length = 0x16;
282ab04e 1153 if (page_control == 1) { /* Changeable Values */
cfc606da 1154 break;
282ab04e 1155 }
ebddfcbe 1156 /* if a geometry hint is available, use it */
ef405611
PB		 1157 p[0] = (s->qdev.conf.cyls >> 16) & 0xff;
1158 p[1] = (s->qdev.conf.cyls >> 8) & 0xff;
1159 p[2] = s->qdev.conf.cyls & 0xff;
1160 p[3] = s->qdev.conf.heads & 0xff;
ebddfcbe 1161 /* Write precomp start cylinder, disabled */
ef405611
PB		 1162 p[4] = (s->qdev.conf.cyls >> 16) & 0xff;
1163 p[5] = (s->qdev.conf.cyls >> 8) & 0xff;
1164 p[6] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1165 /* Reduced current start cylinder, disabled */
ef405611
PB		 1166 p[7] = (s->qdev.conf.cyls >> 16) & 0xff;
1167 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1168 p[9] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1169 /* Device step rate [ns], 200ns */
ef405611
PB		 1170 p[10] = 0;
1171 p[11] = 200;
ebddfcbe 1172 /* Landing zone cylinder */
ef405611
PB		 1173 p[12] = 0xff;
1174 p[13] = 0xff;
ebddfcbe 1175 p[14] = 0xff;
ebddfcbe 1176 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1177 p[18] = (5400 >> 8) & 0xff;
1178 p[19] = 5400 & 0xff;
cfc606da 1179 break;
ebddfcbe 1180
67cc61e4 1181 case MODE_PAGE_FLEXIBLE_DISK_GEOMETRY:
ef405611 1182 length = 0x1e;
282ab04e 1183 if (page_control == 1) { /* Changeable Values */
cfc606da 1184 break;
282ab04e 1185 }
ebddfcbe 1186 /* Transfer rate [kbit/s], 5Mbit/s */
ef405611
PB		 1187 p[0] = 5000 >> 8;
1188 p[1] = 5000 & 0xff;
ebddfcbe 1189 /* if a geometry hint is available, use it */
ef405611
PB		 1190 p[2] = s->qdev.conf.heads & 0xff;
1191 p[3] = s->qdev.conf.secs & 0xff;
1192 p[4] = s->qdev.blocksize >> 8;
1193 p[6] = (s->qdev.conf.cyls >> 8) & 0xff;
1194 p[7] = s->qdev.conf.cyls & 0xff;
1195 /* Write precomp start cylinder, disabled */
d252df48
MA		 1196 p[8] = (s->qdev.conf.cyls >> 8) & 0xff;
1197 p[9] = s->qdev.conf.cyls & 0xff;
ef405611 1198 /* Reduced current start cylinder, disabled */
d252df48
MA		 1199 p[10] = (s->qdev.conf.cyls >> 8) & 0xff;
1200 p[11] = s->qdev.conf.cyls & 0xff;
ebddfcbe 1201 /* Device step rate [100us], 100us */
ef405611
PB		 1202 p[12] = 0;
1203 p[13] = 1;
ebddfcbe 1204 /* Device step pulse width [us], 1us */
ef405611 1205 p[14] = 1;
ebddfcbe 1206 /* Device head settle delay [100us], 100us */
ef405611
PB		 1207 p[15] = 0;
1208 p[16] = 1;
ebddfcbe 1209 /* Motor on delay [0.1s], 0.1s */
ef405611 1210 p[17] = 1;
ebddfcbe 1211 /* Motor off delay [0.1s], 0.1s */
ef405611 1212 p[18] = 1;
ebddfcbe 1213 /* Medium rotation rate [rpm], 5400 rpm */
ef405611
PB		 1214 p[26] = (5400 >> 8) & 0xff;
1215 p[27] = 5400 & 0xff;
cfc606da 1216 break;
ebddfcbe 1217
67cc61e4 1218 case MODE_PAGE_CACHING:
ef405611 1219 length = 0x12;
96c91bbf 1220 if (page_control == 1 || /* Changeable Values */
4be74634 1221 blk_enable_write_cache(s->qdev.conf.blk)) {
ef405611 1222 p[0] = 4; /* WCE */
ebddfcbe 1223 }
cfc606da 1224 break;
ebddfcbe 1225
a07c7dcd 1226 case MODE_PAGE_R_W_ERROR:
ef405611 1227 length = 10;
4f588b15
PB		 1228 if (page_control == 1) { /* Changeable Values */
1229 break;
1230 }
ef405611 1231 p[0] = 0x80; /* Automatic Write Reallocation Enabled */
a07c7dcd 1232 if (s->qdev.type == TYPE_ROM) {
ef405611 1233 p[1] = 0x20; /* Read Retry Count */
a07c7dcd
PB		 1234 }
1235 break;
1236
1237 case MODE_PAGE_AUDIO_CTL:
ef405611 1238 length = 14;
a07c7dcd
PB		 1239 break;
1240
67cc61e4 1241 case MODE_PAGE_CAPABILITIES:
ef405611 1242 length = 0x14;
282ab04e 1243 if (page_control == 1) { /* Changeable Values */
cfc606da 1244 break;
282ab04e 1245 }
a07c7dcd 1246
ef405611
PB		 1247 p[0] = 0x3b; /* CD-R & CD-RW read */
1248 p[1] = 0; /* Writing not supported */
1249 p[2] = 0x7f; /* Audio, composite, digital out,
ebddfcbe 1250 mode 2 form 1&2, multi session */
ef405611 1251 p[3] = 0xff; /* CD DA, DA accurate, RW supported,
ebddfcbe
GH		 1252 RW corrected, C2 errors, ISRC,
1253 UPC, Bar code */
ef405611 1254 p[4] = 0x2d | (s->tray_locked ? 2 : 0);
ebddfcbe 1255 /* Locking supported, jumper present, eject, tray */
ef405611 1256 p[5] = 0; /* no volume & mute control, no
ebddfcbe 1257 changer */
ef405611
PB		 1258 p[6] = (50 * 176) >> 8; /* 50x read speed */
1259 p[7] = (50 * 176) & 0xff;
1260 p[8] = 2 >> 8; /* Two volume levels */
1261 p[9] = 2 & 0xff;
1262 p[10] = 2048 >> 8; /* 2M buffer */
1263 p[11] = 2048 & 0xff;
1264 p[12] = (16 * 176) >> 8; /* 16x read speed current */
1265 p[13] = (16 * 176) & 0xff;
1266 p[16] = (16 * 176) >> 8; /* 16x write speed */
1267 p[17] = (16 * 176) & 0xff;
1268 p[18] = (16 * 176) >> 8; /* 16x write speed current */
ebddfcbe 1269 p[19] = (16 * 176) & 0xff;
cfc606da 1270 break;
ebddfcbe
GH		 1271
1272 default:
cfc606da 1273 return -1;
ebddfcbe 1274 }
cfc606da 1275
ef405611
PB		 1276 assert(length < 256);
1277 (*p_outbuf)[0] = page;
1278 (*p_outbuf)[1] = length;
1279 *p_outbuf += length + 2;
1280 return length + 2;
ebddfcbe
GH		 1281}
1282
cfc606da 1283static int scsi_disk_emulate_mode_sense(SCSIDiskReq *r, uint8_t *outbuf)
ebddfcbe 1284{
cfc606da 1285 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
ebddfcbe 1286 uint64_t nb_sectors;
e590ecbe
PB		 1287 bool dbd;
1288 int page, buflen, ret, page_control;
ebddfcbe 1289 uint8_t *p;
ce512ee1 1290 uint8_t dev_specific_param;
ebddfcbe 1291
e590ecbe 1292 dbd = (r->req.cmd.buf[1] & 0x8) != 0;
cfc606da
PB		 1293 page = r->req.cmd.buf[2] & 0x3f;
1294 page_control = (r->req.cmd.buf[2] & 0xc0) >> 6;
aa2b1e89 1295 DPRINTF("Mode Sense(%d) (page %d, xfer %zd, page_control %d)\n",
cfc606da
PB		 1296 (r->req.cmd.buf[0] == MODE_SENSE) ? 6 : 10, page, r->req.cmd.xfer, page_control);
1297 memset(outbuf, 0, r->req.cmd.xfer);
ebddfcbe
GH		 1298 p = outbuf;
1299
e590ecbe 1300 if (s->qdev.type == TYPE_DISK) {
da8365db 1301 dev_specific_param = s->features & (1 << SCSI_DISK_F_DPOFUA) ? 0x10 : 0;
4be74634 1302 if (blk_is_read_only(s->qdev.conf.blk)) {
e590ecbe
PB		 1303 dev_specific_param |= 0x80; /* Readonly. */
1304 }
ce512ee1 1305 } else {
e590ecbe
PB		 1306 /* MMC prescribes that CD/DVD drives have no block descriptors,
1307 * and defines no device-specific parameter. */
6a2de0f2 1308 dev_specific_param = 0x00;
e590ecbe 1309 dbd = true;
ce512ee1
BK		 1310 }
1311
cfc606da 1312 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1313 p[1] = 0; /* Default media type. */
1314 p[2] = dev_specific_param;
1315 p[3] = 0; /* Block descriptor length. */
1316 p += 4;
1317 } else { /* MODE_SENSE_10 */
1318 p[2] = 0; /* Default media type. */
1319 p[3] = dev_specific_param;
1320 p[6] = p[7] = 0; /* Block descriptor length. */
1321 p += 8;
ebddfcbe 1322 }
ebddfcbe 1323
4be74634 1324 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
e590ecbe 1325 if (!dbd && nb_sectors) {
cfc606da 1326 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1327 outbuf[3] = 8; /* Block descriptor length */
1328 } else { /* MODE_SENSE_10 */
1329 outbuf[7] = 8; /* Block descriptor length */
1330 }
69377307 1331 nb_sectors /= (s->qdev.blocksize / 512);
f01b5931 1332 if (nb_sectors > 0xffffff) {
2488b740 1333 nb_sectors = 0;
f01b5931 1334 }
ebddfcbe
GH		 1335 p[0] = 0; /* media density code */
1336 p[1] = (nb_sectors >> 16) & 0xff;
1337 p[2] = (nb_sectors >> 8) & 0xff;
1338 p[3] = nb_sectors & 0xff;
1339 p[4] = 0; /* reserved */
1340 p[5] = 0; /* bytes 5-7 are the sector size in bytes */
69377307 1341 p[6] = s->qdev.blocksize >> 8;
ebddfcbe
GH		 1342 p[7] = 0;
1343 p += 8;
1344 }
1345
cfc606da
PB		 1346 if (page_control == 3) {
1347 /* Saved Values */
1348 scsi_check_condition(r, SENSE_CODE(SAVING_PARAMS_NOT_SUPPORTED));
1349 return -1;
282ab04e
BK		 1350 }
1351
cfc606da
PB		 1352 if (page == 0x3f) {
1353 for (page = 0; page <= 0x3e; page++) {
1354 mode_sense_page(s, page, &p, page_control);
1355 }
1356 } else {
1357 ret = mode_sense_page(s, page, &p, page_control);
1358 if (ret == -1) {
1359 return -1;
1360 }
ebddfcbe
GH		 1361 }
1362
1363 buflen = p - outbuf;
ce512ee1
BK		 1364 /*
1365 * The mode data length field specifies the length in bytes of the
1366 * following data that is available to be transferred. The mode data
1367 * length does not include itself.
1368 */
cfc606da 1369 if (r->req.cmd.buf[0] == MODE_SENSE) {
ce512ee1
BK		 1370 outbuf[0] = buflen - 1;
1371 } else { /* MODE_SENSE_10 */
1372 outbuf[0] = ((buflen - 2) >> 8) & 0xff;
1373 outbuf[1] = (buflen - 2) & 0xff;
1374 }
ebddfcbe
GH		 1375 return buflen;
1376}
1377
02880f43
GH		 1378static int scsi_disk_emulate_read_toc(SCSIRequest *req, uint8_t *outbuf)
1379{
1380 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
02880f43
GH		 1381 int start_track, format, msf, toclen;
1382 uint64_t nb_sectors;
1383
1384 msf = req->cmd.buf[1] & 2;
1385 format = req->cmd.buf[2] & 0xf;
1386 start_track = req->cmd.buf[6];
4be74634 1387 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
02880f43 1388 DPRINTF("Read TOC (track %d format %d msf %d)\n", start_track, format, msf >> 1);
69377307 1389 nb_sectors /= s->qdev.blocksize / 512;
02880f43
GH		 1390 switch (format) {
1391 case 0:
1392 toclen = cdrom_read_toc(nb_sectors, outbuf, msf, start_track);
1393 break;
1394 case 1:
1395 /* multi session : only a single session defined */
1396 toclen = 12;
1397 memset(outbuf, 0, 12);
1398 outbuf[1] = 0x0a;
1399 outbuf[2] = 0x01;
1400 outbuf[3] = 0x01;
1401 break;
1402 case 2:
1403 toclen = cdrom_read_toc_raw(nb_sectors, outbuf, msf, start_track);
1404 break;
1405 default:
1406 return -1;
1407 }
02880f43
GH		 1408 return toclen;
1409}
1410
68bb01f3 1411static int scsi_disk_emulate_start_stop(SCSIDiskReq *r)
bfd52647
MA		 1412{
1413 SCSIRequest *req = &r->req;
1414 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1415 bool start = req->cmd.buf[4] & 1;
1416 bool loej = req->cmd.buf[4] & 2; /* load on start, eject on !start */
ae5708b3
RS		 1417 int pwrcnd = req->cmd.buf[4] & 0xf0;
1418
1419 if (pwrcnd) {
1420 /* eject/load only happens for power condition == 0 */
1421 return 0;
1422 }
bfd52647 1423
b456a71c 1424 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) && loej) {
68bb01f3
MA		 1425 if (!start && !s->tray_open && s->tray_locked) {
1426 scsi_check_condition(r,
4be74634 1427 blk_is_inserted(s->qdev.conf.blk)
68bb01f3
MA		 1428 ? SENSE_CODE(ILLEGAL_REQ_REMOVAL_PREVENTED)
1429 : SENSE_CODE(NOT_READY_REMOVAL_PREVENTED));
1430 return -1;
fdec4404 1431 }
d88b1819
LC		 1432
1433 if (s->tray_open != !start) {
4be74634 1434 blk_eject(s->qdev.conf.blk, !start);
d88b1819
LC		 1435 s->tray_open = !start;
1436 }
bfd52647 1437 }
68bb01f3 1438 return 0;
bfd52647
MA		 1439}
1440
314a3299
PB		 1441static void scsi_disk_emulate_read_data(SCSIRequest *req)
1442{
1443 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1444 int buflen = r->iov.iov_len;
1445
1446 if (buflen) {
79fb50bb 1447 DPRINTF("Read buf_len=%d\n", buflen);
314a3299
PB		 1448 r->iov.iov_len = 0;
1449 r->started = true;
1450 scsi_req_data(&r->req, buflen);
1451 return;
1452 }
1453
1454 /* This also clears the sense buffer for REQUEST SENSE. */
1455 scsi_req_complete(&r->req, GOOD);
1456}
1457
380feaff
PB		 1458static int scsi_disk_check_mode_select(SCSIDiskState *s, int page,
1459 uint8_t *inbuf, int inlen)
1460{
1461 uint8_t mode_current[SCSI_MAX_MODE_LEN];
1462 uint8_t mode_changeable[SCSI_MAX_MODE_LEN];
1463 uint8_t *p;
1464 int len, expected_len, changeable_len, i;
1465
1466 /* The input buffer does not include the page header, so it is
1467 * off by 2 bytes.
1468 */
1469 expected_len = inlen + 2;
1470 if (expected_len > SCSI_MAX_MODE_LEN) {
1471 return -1;
1472 }
1473
1474 p = mode_current;
1475 memset(mode_current, 0, inlen + 2);
1476 len = mode_sense_page(s, page, &p, 0);
1477 if (len < 0 || len != expected_len) {
1478 return -1;
1479 }
1480
1481 p = mode_changeable;
1482 memset(mode_changeable, 0, inlen + 2);
1483 changeable_len = mode_sense_page(s, page, &p, 1);
1484 assert(changeable_len == len);
1485
1486 /* Check that unchangeable bits are the same as what MODE SENSE
1487 * would return.
1488 */
1489 for (i = 2; i < len; i++) {
1490 if (((mode_current[i] ^ inbuf[i - 2]) & ~mode_changeable[i]) != 0) {
1491 return -1;
1492 }
1493 }
1494 return 0;
1495}
1496
1497static void scsi_disk_apply_mode_select(SCSIDiskState *s, int page, uint8_t *p)
1498{
96c91bbf
PB		 1499 switch (page) {
1500 case MODE_PAGE_CACHING:
4be74634 1501 blk_set_enable_write_cache(s->qdev.conf.blk, (p[0] & 4) != 0);
96c91bbf
PB		 1502 break;
1503
1504 default:
1505 break;
1506 }
380feaff
PB		 1507}
1508
1509static int mode_select_pages(SCSIDiskReq *r, uint8_t *p, int len, bool change)
1510{
1511 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1512
1513 while (len > 0) {
1514 int page, subpage, page_len;
1515
1516 /* Parse both possible formats for the mode page headers. */
1517 page = p[0] & 0x3f;
1518 if (p[0] & 0x40) {
1519 if (len < 4) {
1520 goto invalid_param_len;
1521 }
1522 subpage = p[1];
1523 page_len = lduw_be_p(&p[2]);
1524 p += 4;
1525 len -= 4;
1526 } else {
1527 if (len < 2) {
1528 goto invalid_param_len;
1529 }
1530 subpage = 0;
1531 page_len = p[1];
1532 p += 2;
1533 len -= 2;
1534 }
1535
1536 if (subpage) {
1537 goto invalid_param;
1538 }
1539 if (page_len > len) {
1540 goto invalid_param_len;
1541 }
1542
1543 if (!change) {
1544 if (scsi_disk_check_mode_select(s, page, p, page_len) < 0) {
1545 goto invalid_param;
1546 }
1547 } else {
1548 scsi_disk_apply_mode_select(s, page, p);
1549 }
1550
1551 p += page_len;
1552 len -= page_len;
1553 }
1554 return 0;
1555
1556invalid_param:
1557 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1558 return -1;
1559
1560invalid_param_len:
1561 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1562 return -1;
1563}
1564
1565static void scsi_disk_emulate_mode_select(SCSIDiskReq *r, uint8_t *inbuf)
1566{
accfeb2d 1567 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
380feaff
PB		 1568 uint8_t *p = inbuf;
1569 int cmd = r->req.cmd.buf[0];
1570 int len = r->req.cmd.xfer;
1571 int hdr_len = (cmd == MODE_SELECT ? 4 : 8);
1572 int bd_len;
1573 int pass;
1574
1575 /* We only support PF=1, SP=0. */
1576 if ((r->req.cmd.buf[1] & 0x11) != 0x10) {
1577 goto invalid_field;
1578 }
1579
1580 if (len < hdr_len) {
1581 goto invalid_param_len;
1582 }
1583
1584 bd_len = (cmd == MODE_SELECT ? p[3] : lduw_be_p(&p[6]));
1585 len -= hdr_len;
1586 p += hdr_len;
1587 if (len < bd_len) {
1588 goto invalid_param_len;
1589 }
1590 if (bd_len != 0 && bd_len != 8) {
1591 goto invalid_param;
1592 }
1593
1594 len -= bd_len;
1595 p += bd_len;
1596
1597 /* Ensure no change is made if there is an error! */
1598 for (pass = 0; pass < 2; pass++) {
1599 if (mode_select_pages(r, p, len, pass == 1) < 0) {
1600 assert(pass == 0);
1601 return;
1602 }
1603 }
4be74634 1604 if (!blk_enable_write_cache(s->qdev.conf.blk)) {
accfeb2d
PB		 1605 /* The request is used as the AIO opaque value, so add a ref. */
1606 scsi_req_ref(&r->req);
4be74634 1607 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 1608 BLOCK_ACCT_FLUSH);
4be74634 1609 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
accfeb2d
PB		 1610 return;
1611 }
1612
380feaff
PB		 1613 scsi_req_complete(&r->req, GOOD);
1614 return;
1615
1616invalid_param:
1617 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM));
1618 return;
1619
1620invalid_param_len:
1621 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
1622 return;
1623
1624invalid_field:
1625 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
380feaff
PB		 1626}
1627
444bc908
PB		 1628static inline bool check_lba_range(SCSIDiskState *s,
1629 uint64_t sector_num, uint32_t nb_sectors)
1630{
1631 /*
1632 * The first line tests that no overflow happens when computing the last
1633 * sector. The second line tests that the last accessed sector is in
1634 * range.
12ca76fc
PB		 1635 *
1636 * Careful, the computations should not underflow for nb_sectors == 0,
1637 * and a 0-block read to the first LBA beyond the end of device is
1638 * valid.
444bc908
PB		 1639 */
1640 return (sector_num <= sector_num + nb_sectors &&
12ca76fc 1641 sector_num + nb_sectors <= s->qdev.max_lba + 1);
444bc908
PB		 1642}
1643
5222aaf2
PB		 1644typedef struct UnmapCBData {
1645 SCSIDiskReq *r;
1646 uint8_t *inbuf;
1647 int count;
1648} UnmapCBData;
1649
5fd2b563
PB		 1650static void scsi_unmap_complete(void *opaque, int ret);
1651
1652static void scsi_unmap_complete_noio(UnmapCBData *data, int ret)
5222aaf2 1653{
5222aaf2
PB		 1654 SCSIDiskReq *r = data->r;
1655 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1656 uint64_t sector_num;
5bb0b62e 1657 uint32_t nb_sectors;
5222aaf2 1658
5fd2b563 1659 assert(r->req.aiocb == NULL);
5b956f41 1660 if (scsi_disk_req_check_error(r, ret, false)) {
d0242ead
PB		 1661 goto done;
1662 }
1663
d0242ead 1664 if (data->count > 0) {
5222aaf2
PB		 1665 sector_num = ldq_be_p(&data->inbuf[0]);
1666 nb_sectors = ldl_be_p(&data->inbuf[8]) & 0xffffffffULL;
444bc908 1667 if (!check_lba_range(s, sector_num, nb_sectors)) {
5222aaf2
PB		 1668 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1669 goto done;
1670 }
1671
1c6c4bb7
EB		 1672 r->req.aiocb = blk_aio_pdiscard(s->qdev.conf.blk,
1673 sector_num * s->qdev.blocksize,
1674 nb_sectors * s->qdev.blocksize,
1675 scsi_unmap_complete, data);
5222aaf2
PB		 1676 data->count--;
1677 data->inbuf += 16;
1678 return;
1679 }
1680
d0242ead
PB		 1681 scsi_req_complete(&r->req, GOOD);
1682
5222aaf2 1683done:
3df9caf8 1684 scsi_req_unref(&r->req);
5222aaf2
PB		 1685 g_free(data);
1686}
1687
5fd2b563
PB		 1688static void scsi_unmap_complete(void *opaque, int ret)
1689{
1690 UnmapCBData *data = opaque;
1691 SCSIDiskReq *r = data->r;
b9e413dd 1692 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5fd2b563
PB		 1693
1694 assert(r->req.aiocb != NULL);
1695 r->req.aiocb = NULL;
1696
b9e413dd 1697 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563 1698 scsi_unmap_complete_noio(data, ret);
b9e413dd 1699 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
5fd2b563
PB		 1700}
1701
5222aaf2
PB		 1702static void scsi_disk_emulate_unmap(SCSIDiskReq *r, uint8_t *inbuf)
1703{
c5fd1fb0 1704 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
5222aaf2
PB		 1705 uint8_t *p = inbuf;
1706 int len = r->req.cmd.xfer;
1707 UnmapCBData *data;
1708
823bd739
PB		 1709 /* Reject ANCHOR=1. */
1710 if (r->req.cmd.buf[1] & 0x1) {
1711 goto invalid_field;
1712 }
1713
5222aaf2
PB		 1714 if (len < 8) {
1715 goto invalid_param_len;
1716 }
1717 if (len < lduw_be_p(&p[0]) + 2) {
1718 goto invalid_param_len;
1719 }
1720 if (len < lduw_be_p(&p[2]) + 8) {
1721 goto invalid_param_len;
1722 }
1723 if (lduw_be_p(&p[2]) & 15) {
1724 goto invalid_param_len;
1725 }
1726
4be74634 1727 if (blk_is_read_only(s->qdev.conf.blk)) {
c5fd1fb0
PB		 1728 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1729 return;
1730 }
1731
5222aaf2
PB		 1732 data = g_new0(UnmapCBData, 1);
1733 data->r = r;
1734 data->inbuf = &p[8];
1735 data->count = lduw_be_p(&p[2]) >> 4;
1736
1737 /* The matching unref is in scsi_unmap_complete, before data is freed. */
1738 scsi_req_ref(&r->req);
5fd2b563 1739 scsi_unmap_complete_noio(data, 0);
5222aaf2
PB		 1740 return;
1741
1742invalid_param_len:
1743 scsi_check_condition(r, SENSE_CODE(INVALID_PARAM_LEN));
823bd739
PB		 1744 return;
1745
1746invalid_field:
1747 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
5222aaf2
PB		 1748}
1749
84f94a9a
PB		 1750typedef struct WriteSameCBData {
1751 SCSIDiskReq *r;
1752 int64_t sector;
1753 int nb_sectors;
1754 QEMUIOVector qiov;
1755 struct iovec iov;
1756} WriteSameCBData;
1757
1758static void scsi_write_same_complete(void *opaque, int ret)
1759{
1760 WriteSameCBData *data = opaque;
1761 SCSIDiskReq *r = data->r;
1762 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
1763
1764 assert(r->req.aiocb != NULL);
1765 r->req.aiocb = NULL;
b9e413dd 1766 aio_context_acquire(blk_get_aio_context(s->qdev.conf.blk));
5b956f41 1767 if (scsi_disk_req_check_error(r, ret, true)) {
84f94a9a
PB		 1768 goto done;
1769 }
1770
d7628080
AG		 1771 block_acct_done(blk_get_stats(s->qdev.conf.blk), &r->acct);
1772
84f94a9a
PB		 1773 data->nb_sectors -= data->iov.iov_len / 512;
1774 data->sector += data->iov.iov_len / 512;
1775 data->iov.iov_len = MIN(data->nb_sectors * 512, data->iov.iov_len);
1776 if (data->iov.iov_len) {
4be74634 1777 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1778 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1779 /* Reinitialize qiov, to handle unaligned WRITE SAME request
1780 * where final qiov may need smaller size */
a56537a1 1781 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
03c90063
EB		 1782 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1783 data->sector << BDRV_SECTOR_BITS,
1784 &data->qiov, 0,
1785 scsi_write_same_complete, data);
24355b79 1786 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1787 return;
1788 }
1789
1790 scsi_req_complete(&r->req, GOOD);
1791
1792done:
3df9caf8 1793 scsi_req_unref(&r->req);
84f94a9a
PB		 1794 qemu_vfree(data->iov.iov_base);
1795 g_free(data);
b9e413dd 1796 aio_context_release(blk_get_aio_context(s->qdev.conf.blk));
84f94a9a
PB		 1797}
1798
1799static void scsi_disk_emulate_write_same(SCSIDiskReq *r, uint8_t *inbuf)
1800{
1801 SCSIRequest *req = &r->req;
1802 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
1894df02 1803 uint32_t nb_sectors = scsi_data_cdb_xfer(r->req.cmd.buf);
84f94a9a
PB		 1804 WriteSameCBData *data;
1805 uint8_t *buf;
1806 int i;
1807
1808 /* Fail if PBDATA=1 or LBDATA=1 or ANCHOR=1. */
1809 if (nb_sectors == 0 || (req->cmd.buf[1] & 0x16)) {
1810 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1811 return;
1812 }
1813
4be74634 1814 if (blk_is_read_only(s->qdev.conf.blk)) {
84f94a9a
PB		 1815 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
1816 return;
1817 }
1818 if (!check_lba_range(s, r->req.cmd.lba, nb_sectors)) {
1819 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
1820 return;
1821 }
1822
4397a018 1823 if ((req->cmd.buf[1] & 0x1) || buffer_is_zero(inbuf, s->qdev.blocksize)) {
84f94a9a
PB		 1824 int flags = (req->cmd.buf[1] & 0x8) ? BDRV_REQ_MAY_UNMAP : 0;
1825
1826 /* The request is used as the AIO opaque value, so add a ref. */
1827 scsi_req_ref(&r->req);
4be74634 1828 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8
BC		 1829 nb_sectors * s->qdev.blocksize,
1830 BLOCK_ACCT_WRITE);
d004bd52 1831 r->req.aiocb = blk_aio_pwrite_zeroes(s->qdev.conf.blk,
983a1600
EB		 1832 r->req.cmd.lba * s->qdev.blocksize,
1833 nb_sectors * s->qdev.blocksize,
4be74634 1834 flags, scsi_aio_complete, r);
84f94a9a
PB		 1835 return;
1836 }
1837
1838 data = g_new0(WriteSameCBData, 1);
1839 data->r = r;
1840 data->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
1841 data->nb_sectors = nb_sectors * (s->qdev.blocksize / 512);
1842 data->iov.iov_len = MIN(data->nb_sectors * 512, SCSI_WRITE_SAME_MAX);
4be74634
MA		 1843 data->iov.iov_base = buf = blk_blockalign(s->qdev.conf.blk,
1844 data->iov.iov_len);
84f94a9a
PB		 1845 qemu_iovec_init_external(&data->qiov, &data->iov, 1);
1846
1847 for (i = 0; i < data->iov.iov_len; i += s->qdev.blocksize) {
1848 memcpy(&buf[i], inbuf, s->qdev.blocksize);
1849 }
1850
1851 scsi_req_ref(&r->req);
4be74634 1852 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct,
5366d0c8 1853 data->iov.iov_len, BLOCK_ACCT_WRITE);
03c90063
EB		 1854 r->req.aiocb = blk_aio_pwritev(s->qdev.conf.blk,
1855 data->sector << BDRV_SECTOR_BITS,
1856 &data->qiov, 0,
1857 scsi_write_same_complete, data);
84f94a9a
PB		 1858}
1859
314a3299
PB		 1860static void scsi_disk_emulate_write_data(SCSIRequest *req)
1861{
af6d510d
PB		 1862 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
1863
1864 if (r->iov.iov_len) {
1865 int buflen = r->iov.iov_len;
79fb50bb 1866 DPRINTF("Write buf_len=%d\n", buflen);
af6d510d
PB		 1867 r->iov.iov_len = 0;
1868 scsi_req_data(&r->req, buflen);
1869 return;
1870 }
1871
1872 switch (req->cmd.buf[0]) {
1873 case MODE_SELECT:
1874 case MODE_SELECT_10:
1875 /* This also clears the sense buffer for REQUEST SENSE. */
380feaff 1876 scsi_disk_emulate_mode_select(r, r->iov.iov_base);
af6d510d
PB		 1877 break;
1878
5222aaf2
PB		 1879 case UNMAP:
1880 scsi_disk_emulate_unmap(r, r->iov.iov_base);
1881 break;
1882
d97e7730
PB		 1883 case VERIFY_10:
1884 case VERIFY_12:
1885 case VERIFY_16:
1886 if (r->req.status == -1) {
1887 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
1888 }
1889 break;
1890
84f94a9a
PB		 1891 case WRITE_SAME_10:
1892 case WRITE_SAME_16:
1893 scsi_disk_emulate_write_same(r, r->iov.iov_base);
1894 break;
d97e7730 1895
af6d510d
PB		 1896 default:
1897 abort();
1898 }
314a3299
PB		 1899}
1900
b08d0ea0 1901static int32_t scsi_disk_emulate_command(SCSIRequest *req, uint8_t *buf)
aa5dbdc1 1902{
b08d0ea0 1903 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
e7e25e32 1904 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
e7e25e32 1905 uint64_t nb_sectors;
7285477a 1906 uint8_t *outbuf;
af6d510d 1907 int buflen;
aa5dbdc1 1908
b08d0ea0
PB		 1909 switch (req->cmd.buf[0]) {
1910 case INQUIRY:
1911 case MODE_SENSE:
1912 case MODE_SENSE_10:
1913 case RESERVE:
1914 case RESERVE_10:
1915 case RELEASE:
1916 case RELEASE_10:
1917 case START_STOP:
1918 case ALLOW_MEDIUM_REMOVAL:
1919 case GET_CONFIGURATION:
1920 case GET_EVENT_STATUS_NOTIFICATION:
1921 case MECHANISM_STATUS:
1922 case REQUEST_SENSE:
1923 break;
1924
1925 default:
cd723b85 1926 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 1927 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
1928 return 0;
1929 }
1930 break;
1931 }
1932
c8dcb531
PB		 1933 /*
1934 * FIXME: we shouldn't return anything bigger than 4k, but the code
1935 * requires the buffer to be as big as req->cmd.xfer in several
1936 * places. So, do not allow CDBs with a very large ALLOCATION
1937 * LENGTH. The real fix would be to modify scsi_read_data and
1938 * dma_buf_read, so that they return data beyond the buflen
1939 * as all zeros.
1940 */
1941 if (req->cmd.xfer > 65536) {
1942 goto illegal_request;
1943 }
1944 r->buflen = MAX(4096, req->cmd.xfer);
1945
7285477a 1946 if (!r->iov.iov_base) {
4be74634 1947 r->iov.iov_base = blk_blockalign(s->qdev.conf.blk, r->buflen);
7285477a
PB		 1948 }
1949
af6d510d 1950 buflen = req->cmd.xfer;
7285477a 1951 outbuf = r->iov.iov_base;
c8dcb531 1952 memset(outbuf, 0, r->buflen);
aa5dbdc1
GH		 1953 switch (req->cmd.buf[0]) {
1954 case TEST_UNIT_READY:
cd723b85 1955 assert(blk_is_available(s->qdev.conf.blk));
5f71d32f 1956 break;
0b06c059
GH		 1957 case INQUIRY:
1958 buflen = scsi_disk_emulate_inquiry(req, outbuf);
f01b5931 1959 if (buflen < 0) {
0b06c059 1960 goto illegal_request;
f01b5931 1961 }
5f71d32f 1962 break;
ebddfcbe
GH		 1963 case MODE_SENSE:
1964 case MODE_SENSE_10:
cfc606da 1965 buflen = scsi_disk_emulate_mode_sense(r, outbuf);
f01b5931 1966 if (buflen < 0) {
ebddfcbe 1967 goto illegal_request;
f01b5931 1968 }
ebddfcbe 1969 break;
02880f43
GH		 1970 case READ_TOC:
1971 buflen = scsi_disk_emulate_read_toc(req, outbuf);
f01b5931 1972 if (buflen < 0) {
02880f43 1973 goto illegal_request;
f01b5931 1974 }
02880f43 1975 break;
3d53ba18 1976 case RESERVE:
f01b5931 1977 if (req->cmd.buf[1] & 1) {
3d53ba18 1978 goto illegal_request;
f01b5931 1979 }
3d53ba18
GH		 1980 break;
1981 case RESERVE_10:
f01b5931 1982 if (req->cmd.buf[1] & 3) {
3d53ba18 1983 goto illegal_request;
f01b5931 1984 }
3d53ba18
GH		 1985 break;
1986 case RELEASE:
f01b5931 1987 if (req->cmd.buf[1] & 1) {
3d53ba18 1988 goto illegal_request;
f01b5931 1989 }
3d53ba18
GH		 1990 break;
1991 case RELEASE_10:
f01b5931 1992 if (req->cmd.buf[1] & 3) {
3d53ba18 1993 goto illegal_request;
f01b5931 1994 }
3d53ba18 1995 break;
8d3628ff 1996 case START_STOP:
68bb01f3 1997 if (scsi_disk_emulate_start_stop(r) < 0) {
b08d0ea0 1998 return 0;
68bb01f3 1999 }
5f71d32f 2000 break;
c68b9f34 2001 case ALLOW_MEDIUM_REMOVAL:
81b1008d 2002 s->tray_locked = req->cmd.buf[4] & 1;
4be74634 2003 blk_lock_medium(s->qdev.conf.blk, req->cmd.buf[4] & 1);
5f71d32f 2004 break;
5e30a07d 2005 case READ_CAPACITY_10:
e7e25e32 2006 /* The normal LEN field for this command is zero. */
5f71d32f 2007 memset(outbuf, 0, 8);
4be74634 2008 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 2009 if (!nb_sectors) {
9bcaf4fe 2010 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 2011 return 0;
f01b5931 2012 }
7cec78b6
PB		 2013 if ((req->cmd.buf[8] & 1) == 0 && req->cmd.lba) {
2014 goto illegal_request;
2015 }
69377307 2016 nb_sectors /= s->qdev.blocksize / 512;
e7e25e32
GH		 2017 /* Returned value is the address of the last sector. */
2018 nb_sectors--;
2019 /* Remember the new size for read/write sanity checking. */
7877903a 2020 s->qdev.max_lba = nb_sectors;
e7e25e32 2021 /* Clip to 2TB, instead of returning capacity modulo 2TB. */
f01b5931 2022 if (nb_sectors > UINT32_MAX) {
e7e25e32 2023 nb_sectors = UINT32_MAX;
f01b5931 2024 }
e7e25e32
GH		 2025 outbuf[0] = (nb_sectors >> 24) & 0xff;
2026 outbuf[1] = (nb_sectors >> 16) & 0xff;
2027 outbuf[2] = (nb_sectors >> 8) & 0xff;
2028 outbuf[3] = nb_sectors & 0xff;
2029 outbuf[4] = 0;
2030 outbuf[5] = 0;
69377307 2031 outbuf[6] = s->qdev.blocksize >> 8;
e7e25e32 2032 outbuf[7] = 0;
5f71d32f 2033 break;
f3b338ef
PB		 2034 case REQUEST_SENSE:
2035 /* Just return "NO SENSE". */
37b6045c
PB		 2036 buflen = scsi_convert_sense(NULL, 0, outbuf, r->buflen,
2037 (req->cmd.buf[1] & 1) == 0);
c8dcb531
PB		 2038 if (buflen < 0) {
2039 goto illegal_request;
2040 }
f3b338ef 2041 break;
b6c251ab
PB		 2042 case MECHANISM_STATUS:
2043 buflen = scsi_emulate_mechanism_status(s, outbuf);
2044 if (buflen < 0) {
2045 goto illegal_request;
2046 }
2047 break;
38215553 2048 case GET_CONFIGURATION:
430ee2f2 2049 buflen = scsi_get_configuration(s, outbuf);
b6c251ab
PB		 2050 if (buflen < 0) {
2051 goto illegal_request;
2052 }
2053 break;
2054 case GET_EVENT_STATUS_NOTIFICATION:
2055 buflen = scsi_get_event_status_notification(s, r, outbuf);
2056 if (buflen < 0) {
2057 goto illegal_request;
2058 }
2059 break;
1a4f0c3a
PB		 2060 case READ_DISC_INFORMATION:
2061 buflen = scsi_read_disc_information(s, r, outbuf);
2062 if (buflen < 0) {
2063 goto illegal_request;
2064 }
2065 break;
b6c251ab
PB		 2066 case READ_DVD_STRUCTURE:
2067 buflen = scsi_read_dvd_structure(s, r, outbuf);
2068 if (buflen < 0) {
2069 goto illegal_request;
2070 }
38215553 2071 break;
f6515262 2072 case SERVICE_ACTION_IN_16:
5dd90e2a 2073 /* Service Action In subcommands. */
f6515262 2074 if ((req->cmd.buf[1] & 31) == SAI_READ_CAPACITY_16) {
5dd90e2a
GH		 2075 DPRINTF("SAI READ CAPACITY(16)\n");
2076 memset(outbuf, 0, req->cmd.xfer);
4be74634 2077 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
f01b5931 2078 if (!nb_sectors) {
9bcaf4fe 2079 scsi_check_condition(r, SENSE_CODE(LUN_NOT_READY));
0369f06f 2080 return 0;
f01b5931 2081 }
7cec78b6
PB		 2082 if ((req->cmd.buf[14] & 1) == 0 && req->cmd.lba) {
2083 goto illegal_request;
2084 }
69377307 2085 nb_sectors /= s->qdev.blocksize / 512;
5dd90e2a
GH		 2086 /* Returned value is the address of the last sector. */
2087 nb_sectors--;
2088 /* Remember the new size for read/write sanity checking. */
7877903a 2089 s->qdev.max_lba = nb_sectors;
5dd90e2a
GH		 2090 outbuf[0] = (nb_sectors >> 56) & 0xff;
2091 outbuf[1] = (nb_sectors >> 48) & 0xff;
2092 outbuf[2] = (nb_sectors >> 40) & 0xff;
2093 outbuf[3] = (nb_sectors >> 32) & 0xff;
2094 outbuf[4] = (nb_sectors >> 24) & 0xff;
2095 outbuf[5] = (nb_sectors >> 16) & 0xff;
2096 outbuf[6] = (nb_sectors >> 8) & 0xff;
2097 outbuf[7] = nb_sectors & 0xff;
2098 outbuf[8] = 0;
2099 outbuf[9] = 0;
69377307 2100 outbuf[10] = s->qdev.blocksize >> 8;
5dd90e2a 2101 outbuf[11] = 0;
ee3659e3
CH		 2102 outbuf[12] = 0;
2103 outbuf[13] = get_physical_block_exp(&s->qdev.conf);
ea3bd56f
CH		 2104
2105 /* set TPE bit if the format supports discard */
2106 if (s->qdev.conf.discard_granularity) {
2107 outbuf[14] = 0x80;
2108 }
2109
5dd90e2a 2110 /* Protection, exponent and lowest lba field left blank. */
5dd90e2a
GH		 2111 break;
2112 }
2113 DPRINTF("Unsupported Service Action In\n");
2114 goto illegal_request;
101aa85f
PB		 2115 case SYNCHRONIZE_CACHE:
2116 /* The request is used as the AIO opaque value, so add a ref. */
2117 scsi_req_ref(&r->req);
4be74634 2118 block_acct_start(blk_get_stats(s->qdev.conf.blk), &r->acct, 0,
5366d0c8 2119 BLOCK_ACCT_FLUSH);
4be74634 2120 r->req.aiocb = blk_aio_flush(s->qdev.conf.blk, scsi_aio_complete, r);
101aa85f
PB		 2121 return 0;
2122 case SEEK_10:
2123 DPRINTF("Seek(10) (sector %" PRId64 ")\n", r->req.cmd.lba);
2124 if (r->req.cmd.lba > s->qdev.max_lba) {
2125 goto illegal_lba;
2126 }
2127 break;
101aa85f 2128 case MODE_SELECT:
142c2145 2129 DPRINTF("Mode Select(6) (len %lu)\n", (unsigned long)r->req.cmd.xfer);
101aa85f
PB		 2130 break;
2131 case MODE_SELECT_10:
142c2145 2132 DPRINTF("Mode Select(10) (len %lu)\n", (unsigned long)r->req.cmd.xfer);
101aa85f 2133 break;
5222aaf2 2134 case UNMAP:
142c2145 2135 DPRINTF("Unmap (len %lu)\n", (unsigned long)r->req.cmd.xfer);
5222aaf2 2136 break;
d97e7730
PB		 2137 case VERIFY_10:
2138 case VERIFY_12:
2139 case VERIFY_16:
4525c133 2140 DPRINTF("Verify (bytchk %d)\n", (req->cmd.buf[1] >> 1) & 3);
d97e7730
PB		 2141 if (req->cmd.buf[1] & 6) {
2142 goto illegal_request;
2143 }
2144 break;
101aa85f 2145 case WRITE_SAME_10:
101aa85f 2146 case WRITE_SAME_16:
84f94a9a
PB		 2147 DPRINTF("WRITE SAME %d (len %lu)\n",
2148 req->cmd.buf[0] == WRITE_SAME_10 ? 10 : 16,
142c2145 2149 (unsigned long)r->req.cmd.xfer);
84f94a9a 2150 break;
aa5dbdc1 2151 default:
b9e77bc7
AK		 2152 DPRINTF("Unknown SCSI command (%2.2x=%s)\n", buf[0],
2153 scsi_command_name(buf[0]));
b45ef674 2154 scsi_check_condition(r, SENSE_CODE(INVALID_OPCODE));
b08d0ea0 2155 return 0;
aa5dbdc1 2156 }
314a3299 2157 assert(!r->req.aiocb);
c8dcb531 2158 r->iov.iov_len = MIN(r->buflen, req->cmd.xfer);
b08d0ea0
PB		 2159 if (r->iov.iov_len == 0) {
2160 scsi_req_complete(&r->req, GOOD);
2161 }
af6d510d
PB		 2162 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
2163 assert(r->iov.iov_len == req->cmd.xfer);
2164 return -r->iov.iov_len;
2165 } else {
2166 return r->iov.iov_len;
2167 }
aa5dbdc1 2168
aa5dbdc1 2169illegal_request:
cfc606da
PB		 2170 if (r->req.status == -1) {
2171 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2172 }
b08d0ea0 2173 return 0;
101aa85f
PB		 2174
2175illegal_lba:
2176 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
2177 return 0;
aa5dbdc1
GH		 2178}
2179
2e5d83bb
PB		 2180/* Execute a scsi command. Returns the length of the data expected by the
2181 command. This will be Positive for data transfers from the device
2182 (eg. disk reads), negative for transfers to the device (eg. disk writes),
2183 and zero if the command does not transfer any data. */
2184
b08d0ea0 2185static int32_t scsi_disk_dma_command(SCSIRequest *req, uint8_t *buf)
2e5d83bb 2186{
5c6c0e51
HR		 2187 SCSIDiskReq *r = DO_UPCAST(SCSIDiskReq, req, req);
2188 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
94f8ba11 2189 SCSIDiskClass *sdc = (SCSIDiskClass *) object_get_class(OBJECT(s));
e93176d5 2190 uint32_t len;
a917d384 2191 uint8_t command;
a917d384
PB		 2192
2193 command = buf[0];
aa5dbdc1 2194
cd723b85 2195 if (!blk_is_available(s->qdev.conf.blk)) {
b08d0ea0
PB		 2196 scsi_check_condition(r, SENSE_CODE(NO_MEDIUM));
2197 return 0;
9bcaf4fe
PB		 2198 }
2199
1894df02 2200 len = scsi_data_cdb_xfer(r->req.cmd.buf);
a917d384 2201 switch (command) {
ebf46023
GH		 2202 case READ_6:
2203 case READ_10:
bd536cf3
GH		 2204 case READ_12:
2205 case READ_16:
e93176d5 2206 DPRINTF("Read (sector %" PRId64 ", count %u)\n", r->req.cmd.lba, len);
2343be0d
PB		 2207 /* Protection information is not supported. For SCSI versions 2 and
2208 * older (as determined by snooping the guest's INQUIRY commands),
2209 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2210 */
2211 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
96bdbbab
RS		 2212 goto illegal_request;
2213 }
444bc908 2214 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2215 goto illegal_lba;
f01b5931 2216 }
69377307
PB		 2217 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2218 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2219 break;
ebf46023
GH		 2220 case WRITE_6:
2221 case WRITE_10:
bd536cf3
GH		 2222 case WRITE_12:
2223 case WRITE_16:
5e30a07d 2224 case WRITE_VERIFY_10:
ebef0bbb
BK		 2225 case WRITE_VERIFY_12:
2226 case WRITE_VERIFY_16:
4be74634 2227 if (blk_is_read_only(s->qdev.conf.blk)) {
6a8a685c
RS		 2228 scsi_check_condition(r, SENSE_CODE(WRITE_PROTECTED));
2229 return 0;
2230 }
e93176d5 2231 DPRINTF("Write %s(sector %" PRId64 ", count %u)\n",
2dd791b6
HR		 2232 (command & 0xe) == 0xe ? "And Verify " : "",
2233 r->req.cmd.lba, len);
4f04560b 2234 /* fall through */
166dbda7
PB		 2235 case VERIFY_10:
2236 case VERIFY_12:
2237 case VERIFY_16:
2238 /* We get here only for BYTCHK == 0x01 and only for scsi-block.
2239 * As far as DMA is concerned, we can treat it the same as a write;
2240 * scsi_block_do_sgio will send VERIFY commands.
2241 */
2343be0d 2242 if (s->qdev.scsi_version > 2 && (r->req.cmd.buf[1] & 0xe0)) {
96bdbbab
RS		 2243 goto illegal_request;
2244 }
444bc908 2245 if (!check_lba_range(s, r->req.cmd.lba, len)) {
274fb0e1 2246 goto illegal_lba;
f01b5931 2247 }
69377307
PB		 2248 r->sector = r->req.cmd.lba * (s->qdev.blocksize / 512);
2249 r->sector_count = len * (s->qdev.blocksize / 512);
2e5d83bb 2250 break;
101aa85f 2251 default:
b08d0ea0 2252 abort();
96bdbbab
RS		 2253 illegal_request:
2254 scsi_check_condition(r, SENSE_CODE(INVALID_FIELD));
2255 return 0;
274fb0e1 2256 illegal_lba:
b45ef674 2257 scsi_check_condition(r, SENSE_CODE(LBA_OUT_OF_RANGE));
274fb0e1 2258 return 0;
2e5d83bb 2259 }
94f8ba11 2260 r->need_fua_emulation = sdc->need_fua_emulation(&r->req.cmd);
b08d0ea0 2261 if (r->sector_count == 0) {
b45ef674 2262 scsi_req_complete(&r->req, GOOD);
a917d384 2263 }
b08d0ea0 2264 assert(r->iov.iov_len == 0);
efb9ee02 2265 if (r->req.cmd.mode == SCSI_XFER_TO_DEV) {
b08d0ea0 2266 return -r->sector_count * 512;
a917d384 2267 } else {
b08d0ea0 2268 return r->sector_count * 512;
2e5d83bb 2269 }
2e5d83bb
PB		 2270}
2271
e9447f35
JK		 2272static void scsi_disk_reset(DeviceState *dev)
2273{
2274 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev.qdev, dev);
2275 uint64_t nb_sectors;
2276
c7b48872 2277 scsi_device_purge_requests(&s->qdev, SENSE_CODE(RESET));
e9447f35 2278
4be74634 2279 blk_get_geometry(s->qdev.conf.blk, &nb_sectors);
69377307 2280 nb_sectors /= s->qdev.blocksize / 512;
e9447f35
JK		 2281 if (nb_sectors) {
2282 nb_sectors--;
2283 }
7877903a 2284 s->qdev.max_lba = nb_sectors;
7721c7f7
PH		 2285 /* reset tray statuses */
2286 s->tray_locked = 0;
2287 s->tray_open = 0;
2343be0d
PB		 2288
2289 s->qdev.scsi_version = s->qdev.default_scsi_version;
e9447f35
JK		 2290}
2291
aaebacef
PB		 2292static void scsi_disk_resize_cb(void *opaque)
2293{
2294 SCSIDiskState *s = opaque;
2295
2296 /* SPC lists this sense code as available only for
2297 * direct-access devices.
2298 */
2299 if (s->qdev.type == TYPE_DISK) {
53200fad 2300 scsi_device_report_change(&s->qdev, SENSE_CODE(CAPACITY_CHANGED));
aaebacef
PB		 2301 }
2302}
2303
39829a01 2304static void scsi_cd_change_media_cb(void *opaque, bool load, Error **errp)
2c6942fa 2305{
8a9c16f6
PB		 2306 SCSIDiskState *s = opaque;
2307
2308 /*
2309 * When a CD gets changed, we have to report an ejected state and
2310 * then a loaded state to guests so that they detect tray
2311 * open/close and media change events. Guests that do not use
2312 * GET_EVENT_STATUS_NOTIFICATION to detect such tray open/close
2313 * states rely on this behavior.
2314 *
2315 * media_changed governs the state machine used for unit attention
2316 * report. media_event is used by GET EVENT STATUS NOTIFICATION.
2317 */
2318 s->media_changed = load;
2319 s->tray_open = !load;
e48e84ea 2320 scsi_device_set_ua(&s->qdev, SENSE_CODE(UNIT_ATTENTION_NO_MEDIUM));
3c2f7c12 2321 s->media_event = true;
4480de19
PB		 2322 s->eject_request = false;
2323}
2324
2325static void scsi_cd_eject_request_cb(void *opaque, bool force)
2326{
2327 SCSIDiskState *s = opaque;
2328
2329 s->eject_request = true;
2330 if (force) {
2331 s->tray_locked = false;
2332 }
2c6942fa
MA		 2333}
2334
e4def80b
MA		 2335static bool scsi_cd_is_tray_open(void *opaque)
2336{
2337 return ((SCSIDiskState *)opaque)->tray_open;
2338}
2339
f107639a
MA		 2340static bool scsi_cd_is_medium_locked(void *opaque)
2341{
2342 return ((SCSIDiskState *)opaque)->tray_locked;
2343}
2344
aaebacef 2345static const BlockDevOps scsi_disk_removable_block_ops = {
2c6942fa 2346 .change_media_cb = scsi_cd_change_media_cb,
4480de19 2347 .eject_request_cb = scsi_cd_eject_request_cb,
e4def80b 2348 .is_tray_open = scsi_cd_is_tray_open,
f107639a 2349 .is_medium_locked = scsi_cd_is_medium_locked,
aaebacef
PB		 2350
2351 .resize_cb = scsi_disk_resize_cb,
2352};
2353
2354static const BlockDevOps scsi_disk_block_ops = {
2355 .resize_cb = scsi_disk_resize_cb,
f107639a
MA		 2356};
2357
8a9c16f6
PB		 2358static void scsi_disk_unit_attention_reported(SCSIDevice *dev)
2359{
2360 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2361 if (s->media_changed) {
2362 s->media_changed = false;
e48e84ea 2363 scsi_device_set_ua(&s->qdev, SENSE_CODE(MEDIUM_CHANGED));
8a9c16f6
PB		 2364 }
2365}
2366
a818a4b6 2367static void scsi_realize(SCSIDevice *dev, Error **errp)
2e5d83bb 2368{
d52affa7 2369 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2e5d83bb 2370
4be74634 2371 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2372 error_setg(errp, "drive property not set");
2373 return;
d52affa7
GH		 2374 }
2375
bfe3d7ac 2376 if (!(s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
4be74634 2377 !blk_is_inserted(s->qdev.conf.blk)) {
a818a4b6
FZ		 2378 error_setg(errp, "Device needs media, but drive is empty");
2379 return;
98f28ad7
MA		 2380 }
2381
0eb28a42 2382 blkconf_blocksizes(&s->qdev.conf);
3da023b5
MK		 2383
2384 if (s->qdev.conf.logical_block_size >
2385 s->qdev.conf.physical_block_size) {
2386 error_setg(errp,
2387 "logical_block_size > physical_block_size not supported");
2388 return;
2389 }
2390
5ff5efb4 2391 if (dev->type == TYPE_DISK) {
ceff3e1f 2392 if (!blkconf_geometry(&dev->conf, NULL, 65535, 255, 255, errp)) {
a818a4b6 2393 return;
5ff5efb4 2394 }
b7eb0c9f 2395 }
ceff3e1f
MZ		 2396 if (!blkconf_apply_backend_options(&dev->conf,
2397 blk_is_read_only(s->qdev.conf.blk),
2398 dev->type == TYPE_DISK, errp)) {
a17c17a2
KW		 2399 return;
2400 }
a0fef654 2401
215e47b9
PB		 2402 if (s->qdev.conf.discard_granularity == -1) {
2403 s->qdev.conf.discard_granularity =
2404 MAX(s->qdev.conf.logical_block_size, DEFAULT_DISCARD_GRANULARITY);
2405 }
2406
552fee93 2407 if (!s->version) {
35c2c8dc 2408 s->version = g_strdup(qemu_hw_version());
552fee93 2409 }
353815aa
DF		 2410 if (!s->vendor) {
2411 s->vendor = g_strdup("QEMU");
2412 }
552fee93 2413
4be74634 2414 if (blk_is_sg(s->qdev.conf.blk)) {
a818a4b6
FZ		 2415 error_setg(errp, "unwanted /dev/sg*");
2416 return;
32bb404a
MA		 2417 }
2418
18e673b8
PH		 2419 if ((s->features & (1 << SCSI_DISK_F_REMOVABLE)) &&
2420 !(s->features & (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS))) {
4be74634 2421 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_removable_block_ops, s);
aaebacef 2422 } else {
4be74634 2423 blk_set_dev_ops(s->qdev.conf.blk, &scsi_disk_block_ops, s);
2e5d83bb 2424 }
4be74634 2425 blk_set_guest_block_size(s->qdev.conf.blk, s->qdev.blocksize);
8cfacf07 2426
4be74634 2427 blk_iostatus_enable(s->qdev.conf.blk);
d52affa7
GH		 2428}
2429
a818a4b6 2430static void scsi_hd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2431{
e39be482 2432 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
df1d4c34
ET		 2433 /* can happen for devices without drive. The error message for missing
2434 * backend will be issued in scsi_realize
2435 */
2436 if (s->qdev.conf.blk) {
2437 blkconf_blocksizes(&s->qdev.conf);
2438 }
e39be482
PB		 2439 s->qdev.blocksize = s->qdev.conf.logical_block_size;
2440 s->qdev.type = TYPE_DISK;
353815aa
DF		 2441 if (!s->product) {
2442 s->product = g_strdup("QEMU HARDDISK");
2443 }
a818a4b6 2444 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2445}
2446
a818a4b6 2447static void scsi_cd_realize(SCSIDevice *dev, Error **errp)
b443ae67 2448{
e39be482 2449 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
83b4fe0e 2450 int ret;
9ef6e505
KW		 2451
2452 if (!dev->conf.blk) {
83b4fe0e
KW		 2453 /* Anonymous BlockBackend for an empty drive. As we put it into
2454 * dev->conf, qdev takes care of detaching on unplug. */
6d0eb64d 2455 dev->conf.blk = blk_new(0, BLK_PERM_ALL);
83b4fe0e
KW		 2456 ret = blk_attach_dev(dev->conf.blk, &dev->qdev);
2457 assert(ret == 0);
9ef6e505
KW		 2458 }
2459
e39be482
PB		 2460 s->qdev.blocksize = 2048;
2461 s->qdev.type = TYPE_ROM;
bfe3d7ac 2462 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
353815aa
DF		 2463 if (!s->product) {
2464 s->product = g_strdup("QEMU CD-ROM");
2465 }
a818a4b6 2466 scsi_realize(&s->qdev, errp);
b443ae67
MA		 2467}
2468
a818a4b6 2469static void scsi_disk_realize(SCSIDevice *dev, Error **errp)
b443ae67 2470{
95b5edcd 2471 DriveInfo *dinfo;
a818a4b6 2472 Error *local_err = NULL;
b443ae67 2473
4be74634 2474 if (!dev->conf.blk) {
a818a4b6
FZ		 2475 scsi_realize(dev, &local_err);
2476 assert(local_err);
2477 error_propagate(errp, local_err);
2478 return;
b443ae67
MA		 2479 }
2480
4be74634 2481 dinfo = blk_legacy_dinfo(dev->conf.blk);
26f8b3a8 2482 if (dinfo && dinfo->media_cd) {
a818a4b6 2483 scsi_cd_realize(dev, errp);
e39be482 2484 } else {
a818a4b6 2485 scsi_hd_realize(dev, errp);
e39be482 2486 }
b443ae67
MA		 2487}
2488
b08d0ea0 2489static const SCSIReqOps scsi_disk_emulate_reqops = {
8dbd4574 2490 .size = sizeof(SCSIDiskReq),
12010e7b 2491 .free_req = scsi_free_request,
b08d0ea0 2492 .send_command = scsi_disk_emulate_command,
314a3299
PB		 2493 .read_data = scsi_disk_emulate_read_data,
2494 .write_data = scsi_disk_emulate_write_data,
b08d0ea0
PB		 2495 .get_buf = scsi_get_buf,
2496};
2497
2498static const SCSIReqOps scsi_disk_dma_reqops = {
2499 .size = sizeof(SCSIDiskReq),
2500 .free_req = scsi_free_request,
2501 .send_command = scsi_disk_dma_command,
12010e7b
PB		 2502 .read_data = scsi_read_data,
2503 .write_data = scsi_write_data,
12010e7b 2504 .get_buf = scsi_get_buf,
43b978b9
PB		 2505 .load_request = scsi_disk_load_request,
2506 .save_request = scsi_disk_save_request,
8dbd4574
PB		 2507};
2508
b08d0ea0
PB		 2509static const SCSIReqOps *const scsi_disk_reqops_dispatch[256] = {
2510 [TEST_UNIT_READY] = &scsi_disk_emulate_reqops,
2511 [INQUIRY] = &scsi_disk_emulate_reqops,
2512 [MODE_SENSE] = &scsi_disk_emulate_reqops,
2513 [MODE_SENSE_10] = &scsi_disk_emulate_reqops,
2514 [START_STOP] = &scsi_disk_emulate_reqops,
2515 [ALLOW_MEDIUM_REMOVAL] = &scsi_disk_emulate_reqops,
2516 [READ_CAPACITY_10] = &scsi_disk_emulate_reqops,
2517 [READ_TOC] = &scsi_disk_emulate_reqops,
2518 [READ_DVD_STRUCTURE] = &scsi_disk_emulate_reqops,
2519 [READ_DISC_INFORMATION] = &scsi_disk_emulate_reqops,
2520 [GET_CONFIGURATION] = &scsi_disk_emulate_reqops,
2521 [GET_EVENT_STATUS_NOTIFICATION] = &scsi_disk_emulate_reqops,
2522 [MECHANISM_STATUS] = &scsi_disk_emulate_reqops,
2523 [SERVICE_ACTION_IN_16] = &scsi_disk_emulate_reqops,
2524 [REQUEST_SENSE] = &scsi_disk_emulate_reqops,
2525 [SYNCHRONIZE_CACHE] = &scsi_disk_emulate_reqops,
2526 [SEEK_10] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2527 [MODE_SELECT] = &scsi_disk_emulate_reqops,
2528 [MODE_SELECT_10] = &scsi_disk_emulate_reqops,
5222aaf2 2529 [UNMAP] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2530 [WRITE_SAME_10] = &scsi_disk_emulate_reqops,
2531 [WRITE_SAME_16] = &scsi_disk_emulate_reqops,
d97e7730
PB		 2532 [VERIFY_10] = &scsi_disk_emulate_reqops,
2533 [VERIFY_12] = &scsi_disk_emulate_reqops,
2534 [VERIFY_16] = &scsi_disk_emulate_reqops,
b08d0ea0
PB		 2535
2536 [READ_6] = &scsi_disk_dma_reqops,
2537 [READ_10] = &scsi_disk_dma_reqops,
2538 [READ_12] = &scsi_disk_dma_reqops,
2539 [READ_16] = &scsi_disk_dma_reqops,
b08d0ea0
PB		 2540 [WRITE_6] = &scsi_disk_dma_reqops,
2541 [WRITE_10] = &scsi_disk_dma_reqops,
2542 [WRITE_12] = &scsi_disk_dma_reqops,
2543 [WRITE_16] = &scsi_disk_dma_reqops,
2544 [WRITE_VERIFY_10] = &scsi_disk_dma_reqops,
2545 [WRITE_VERIFY_12] = &scsi_disk_dma_reqops,
2546 [WRITE_VERIFY_16] = &scsi_disk_dma_reqops,
2547};
2548
63db0f0e
PB		 2549static SCSIRequest *scsi_new_request(SCSIDevice *d, uint32_t tag, uint32_t lun,
2550 uint8_t *buf, void *hba_private)
8dbd4574
PB		 2551{
2552 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2553 SCSIRequest *req;
b08d0ea0
PB		 2554 const SCSIReqOps *ops;
2555 uint8_t command;
8dbd4574 2556
79fb50bb
PB		 2557 command = buf[0];
2558 ops = scsi_disk_reqops_dispatch[command];
2559 if (!ops) {
2560 ops = &scsi_disk_emulate_reqops;
2561 }
2562 req = scsi_req_alloc(ops, &s->qdev, tag, lun, hba_private);
2563
b08d0ea0 2564#ifdef DEBUG_SCSI
79fb50bb 2565 DPRINTF("Command: lun=%d tag=0x%x data=0x%02x", lun, tag, buf[0]);
b08d0ea0
PB		 2566 {
2567 int i;
1894df02 2568 for (i = 1; i < scsi_cdb_length(buf); i++) {
b08d0ea0
PB		 2569 printf(" 0x%02x", buf[i]);
2570 }
2571 printf("\n");
2572 }
2573#endif
2574
8dbd4574
PB		 2575 return req;
2576}
2577
336a6915
PB		 2578#ifdef __linux__
2579static int get_device_type(SCSIDiskState *s)
2580{
336a6915
PB		 2581 uint8_t cmd[16];
2582 uint8_t buf[36];
336a6915
PB		 2583 int ret;
2584
2585 memset(cmd, 0, sizeof(cmd));
2586 memset(buf, 0, sizeof(buf));
2587 cmd[0] = INQUIRY;
2588 cmd[4] = sizeof(buf);
2589
a0c7e35b
DHB		 2590 ret = scsi_SG_IO_FROM_DEV(s->qdev.conf.blk, cmd, sizeof(cmd),
2591 buf, sizeof(buf));
2592 if (ret < 0) {
336a6915
PB		 2593 return -1;
2594 }
2595 s->qdev.type = buf[0];
bfe3d7ac
PB		 2596 if (buf[1] & 0x80) {
2597 s->features |= 1 << SCSI_DISK_F_REMOVABLE;
2598 }
336a6915
PB		 2599 return 0;
2600}
2601
a818a4b6 2602static void scsi_block_realize(SCSIDevice *dev, Error **errp)
336a6915
PB		 2603{
2604 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, dev);
2605 int sg_version;
2606 int rc;
2607
4be74634 2608 if (!s->qdev.conf.blk) {
a818a4b6
FZ		 2609 error_setg(errp, "drive property not set");
2610 return;
336a6915
PB		 2611 }
2612
51f43d57
FZ		 2613 if (s->rotation_rate) {
2614 error_report_once("rotation_rate is specified for scsi-block but is "
2615 "not implemented. This option is deprecated and will "
2616 "be removed in a future version");
2617 }
2618
336a6915 2619 /* check we are using a driver managing SG_IO (version 3 and after) */
4be74634 2620 rc = blk_ioctl(s->qdev.conf.blk, SG_GET_VERSION_NUM, &sg_version);
4bbeb8b1 2621 if (rc < 0) {
09c2c6ff
PB		 2622 error_setg_errno(errp, -rc, "cannot get SG_IO version number");
2623 if (rc != -EPERM) {
2624 error_append_hint(errp, "Is this a SCSI device?\n");
2625 }
a818a4b6 2626 return;
4bbeb8b1
FZ		 2627 }
2628 if (sg_version < 30000) {
a818a4b6
FZ		 2629 error_setg(errp, "scsi generic interface too old");
2630 return;
336a6915
PB		 2631 }
2632
2633 /* get device type from INQUIRY data */
2634 rc = get_device_type(s);
2635 if (rc < 0) {
a818a4b6
FZ		 2636 error_setg(errp, "INQUIRY failed");
2637 return;
336a6915
PB		 2638 }
2639
2640 /* Make a guess for the block size, we'll fix it when the guest sends.
2641 * READ CAPACITY. If they don't, they likely would assume these sizes
2642 * anyway. (TODO: check in /sys).
2643 */
2644 if (s->qdev.type == TYPE_ROM || s->qdev.type == TYPE_WORM) {
2645 s->qdev.blocksize = 2048;
2646 } else {
2647 s->qdev.blocksize = 512;
2648 }
18e673b8
PH		 2649
2650 /* Makes the scsi-block device not removable by using HMP and QMP eject
2651 * command.
2652 */
2653 s->features |= (1 << SCSI_DISK_F_NO_REMOVABLE_DEVOPS);
2654
a818a4b6 2655 scsi_realize(&s->qdev, errp);
a71c775b 2656 scsi_generic_read_device_inquiry(&s->qdev);
336a6915
PB		 2657}
2658
8fdc7839
PB		 2659typedef struct SCSIBlockReq {
2660 SCSIDiskReq req;
2661 sg_io_hdr_t io_header;
2662
2663 /* Selected bytes of the original CDB, copied into our own CDB. */
2664 uint8_t cmd, cdb1, group_number;
2665
2666 /* CDB passed to SG_IO. */
2667 uint8_t cdb[16];
2668} SCSIBlockReq;
2669
2670static BlockAIOCB *scsi_block_do_sgio(SCSIBlockReq *req,
2671 int64_t offset, QEMUIOVector *iov,
2672 int direction,
2673 BlockCompletionFunc *cb, void *opaque)
2674{
2675 sg_io_hdr_t *io_header = &req->io_header;
2676 SCSIDiskReq *r = &req->req;
2677 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2678 int nb_logical_blocks;
2679 uint64_t lba;
2680 BlockAIOCB *aiocb;
2681
2682 /* This is not supported yet. It can only happen if the guest does
2683 * reads and writes that are not aligned to one logical sectors
2684 * _and_ cover multiple MemoryRegions.
2685 */
2686 assert(offset % s->qdev.blocksize == 0);
2687 assert(iov->size % s->qdev.blocksize == 0);
2688
2689 io_header->interface_id = 'S';
2690
2691 /* The data transfer comes from the QEMUIOVector. */
2692 io_header->dxfer_direction = direction;
2693 io_header->dxfer_len = iov->size;
2694 io_header->dxferp = (void *)iov->iov;
2695 io_header->iovec_count = iov->niov;
2696 assert(io_header->iovec_count == iov->niov); /* no overflow! */
2697
2698 /* Build a new CDB with the LBA and length patched in, in case
2699 * DMA helpers split the transfer in multiple segments. Do not
2700 * build a CDB smaller than what the guest wanted, and only build
2701 * a larger one if strictly necessary.
2702 */
2703 io_header->cmdp = req->cdb;
2704 lba = offset / s->qdev.blocksize;
2705 nb_logical_blocks = io_header->dxfer_len / s->qdev.blocksize;
2706
2707 if ((req->cmd >> 5) == 0 && lba <= 0x1ffff) {
2708 /* 6-byte CDB */
2709 stl_be_p(&req->cdb[0], lba | (req->cmd << 24));
2710 req->cdb[4] = nb_logical_blocks;
2711 req->cdb[5] = 0;
2712 io_header->cmd_len = 6;
2713 } else if ((req->cmd >> 5) <= 1 && lba <= 0xffffffffULL) {
2714 /* 10-byte CDB */
2715 req->cdb[0] = (req->cmd & 0x1f) | 0x20;
2716 req->cdb[1] = req->cdb1;
2717 stl_be_p(&req->cdb[2], lba);
2718 req->cdb[6] = req->group_number;
2719 stw_be_p(&req->cdb[7], nb_logical_blocks);
2720 req->cdb[9] = 0;
2721 io_header->cmd_len = 10;
2722 } else if ((req->cmd >> 5) != 4 && lba <= 0xffffffffULL) {
2723 /* 12-byte CDB */
2724 req->cdb[0] = (req->cmd & 0x1f) | 0xA0;
2725 req->cdb[1] = req->cdb1;
2726 stl_be_p(&req->cdb[2], lba);
2727 stl_be_p(&req->cdb[6], nb_logical_blocks);
2728 req->cdb[10] = req->group_number;
2729 req->cdb[11] = 0;
2730 io_header->cmd_len = 12;
2731 } else {
2732 /* 16-byte CDB */
2733 req->cdb[0] = (req->cmd & 0x1f) | 0x80;
2734 req->cdb[1] = req->cdb1;
2735 stq_be_p(&req->cdb[2], lba);
2736 stl_be_p(&req->cdb[10], nb_logical_blocks);
2737 req->cdb[14] = req->group_number;
2738 req->cdb[15] = 0;
2739 io_header->cmd_len = 16;
2740 }
2741
2742 /* The rest is as in scsi-generic.c. */
2743 io_header->mx_sb_len = sizeof(r->req.sense);
2744 io_header->sbp = r->req.sense;
2745 io_header->timeout = UINT_MAX;
2746 io_header->usr_ptr = r;
2747 io_header->flags |= SG_FLAG_DIRECT_IO;
2748
2749 aiocb = blk_aio_ioctl(s->qdev.conf.blk, SG_IO, io_header, cb, opaque);
2750 assert(aiocb != NULL);
2751 return aiocb;
2752}
2753
2754static bool scsi_block_no_fua(SCSICommand *cmd)
2755{
2756 return false;
2757}
2758
2759static BlockAIOCB *scsi_block_dma_readv(int64_t offset,
2760 QEMUIOVector *iov,
2761 BlockCompletionFunc *cb, void *cb_opaque,
2762 void *opaque)
2763{
2764 SCSIBlockReq *r = opaque;
2765 return scsi_block_do_sgio(r, offset, iov,
2766 SG_DXFER_FROM_DEV, cb, cb_opaque);
2767}
2768
2769static BlockAIOCB *scsi_block_dma_writev(int64_t offset,
2770 QEMUIOVector *iov,
2771 BlockCompletionFunc *cb, void *cb_opaque,
2772 void *opaque)
2773{
2774 SCSIBlockReq *r = opaque;
2775 return scsi_block_do_sgio(r, offset, iov,
2776 SG_DXFER_TO_DEV, cb, cb_opaque);
2777}
2778
592c3b28 2779static bool scsi_block_is_passthrough(SCSIDiskState *s, uint8_t *buf)
336a6915 2780{
336a6915 2781 switch (buf[0]) {
8fdc7839
PB		 2782 case VERIFY_10:
2783 case VERIFY_12:
2784 case VERIFY_16:
2785 /* Check if BYTCHK == 0x01 (data-out buffer contains data
2786 * for the number of logical blocks specified in the length
2787 * field). For other modes, do not use scatter/gather operation.
2788 */
1f8af0d1 2789 if ((buf[1] & 6) == 2) {
8fdc7839
PB		 2790 return false;
2791 }
2792 break;
2793
336a6915
PB		 2794 case READ_6:
2795 case READ_10:
2796 case READ_12:
2797 case READ_16:
2798 case WRITE_6:
2799 case WRITE_10:
2800 case WRITE_12:
2801 case WRITE_16:
2802 case WRITE_VERIFY_10:
2803 case WRITE_VERIFY_12:
2804 case WRITE_VERIFY_16:
8fdc7839 2805 /* MMC writing cannot be done via DMA helpers, because it sometimes
33ebad12 2806 * involves writing beyond the maximum LBA or to negative LBA (lead-in).
166dbda7 2807 * We might use scsi_block_dma_reqops as long as no writing commands are
33ebad12
PB		 2808 * seen, but performance usually isn't paramount on optical media. So,
2809 * just make scsi-block operate the same as scsi-generic for them.
2810 */
b08d0ea0 2811 if (s->qdev.type != TYPE_ROM) {
592c3b28 2812 return false;
b08d0ea0 2813 }
592c3b28
PB		 2814 break;
2815
2816 default:
2817 break;
336a6915
PB		 2818 }
2819
592c3b28
PB		 2820 return true;
2821}
2822
2823
8fdc7839
PB		 2824static int32_t scsi_block_dma_command(SCSIRequest *req, uint8_t *buf)
2825{
2826 SCSIBlockReq *r = (SCSIBlockReq *)req;
2343be0d
PB		 2827 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, req->dev);
2828
8fdc7839
PB		 2829 r->cmd = req->cmd.buf[0];
2830 switch (r->cmd >> 5) {
2831 case 0:
2832 /* 6-byte CDB. */
2833 r->cdb1 = r->group_number = 0;
2834 break;
2835 case 1:
2836 /* 10-byte CDB. */
2837 r->cdb1 = req->cmd.buf[1];
2838 r->group_number = req->cmd.buf[6];
ed45cae3 2839 break;
8fdc7839
PB		 2840 case 4:
2841 /* 12-byte CDB. */
2842 r->cdb1 = req->cmd.buf[1];
2843 r->group_number = req->cmd.buf[10];
2844 break;
2845 case 5:
2846 /* 16-byte CDB. */
2847 r->cdb1 = req->cmd.buf[1];
2848 r->group_number = req->cmd.buf[14];
2849 break;
2850 default:
2851 abort();
2852 }
2853
2343be0d
PB		 2854 /* Protection information is not supported. For SCSI versions 2 and
2855 * older (as determined by snooping the guest's INQUIRY commands),
2856 * there is no RD/WR/VRPROTECT, so skip this check in these versions.
2857 */
2858 if (s->qdev.scsi_version > 2 && (req->cmd.buf[1] & 0xe0)) {
8fdc7839
PB		 2859 scsi_check_condition(&r->req, SENSE_CODE(INVALID_FIELD));
2860 return 0;
2861 }
2862
2863 r->req.status = &r->io_header.status;
2864 return scsi_disk_dma_command(req, buf);
2865}
2866
2867static const SCSIReqOps scsi_block_dma_reqops = {
2868 .size = sizeof(SCSIBlockReq),
2869 .free_req = scsi_free_request,
2870 .send_command = scsi_block_dma_command,
2871 .read_data = scsi_read_data,
2872 .write_data = scsi_write_data,
2873 .get_buf = scsi_get_buf,
2874 .load_request = scsi_disk_load_request,
2875 .save_request = scsi_disk_save_request,
2876};
2877
592c3b28
PB		 2878static SCSIRequest *scsi_block_new_request(SCSIDevice *d, uint32_t tag,
2879 uint32_t lun, uint8_t *buf,
2880 void *hba_private)
2881{
2882 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2883
2884 if (scsi_block_is_passthrough(s, buf)) {
2885 return scsi_req_alloc(&scsi_generic_req_ops, &s->qdev, tag, lun,
2886 hba_private);
2887 } else {
8fdc7839 2888 return scsi_req_alloc(&scsi_block_dma_reqops, &s->qdev, tag, lun,
592c3b28
PB		 2889 hba_private);
2890 }
336a6915 2891}
3e7e180a
PB		 2892
2893static int scsi_block_parse_cdb(SCSIDevice *d, SCSICommand *cmd,
2894 uint8_t *buf, void *hba_private)
2895{
2896 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, d);
2897
2898 if (scsi_block_is_passthrough(s, buf)) {
2899 return scsi_bus_parse_cdb(&s->qdev, cmd, buf, hba_private);
2900 } else {
2901 return scsi_req_parse_cdb(&s->qdev, cmd, buf);
2902 }
2903}
2904
336a6915
PB		 2905#endif
2906
fcaafb10
PB		 2907static
2908BlockAIOCB *scsi_dma_readv(int64_t offset, QEMUIOVector *iov,
2909 BlockCompletionFunc *cb, void *cb_opaque,
2910 void *opaque)
2911{
2912 SCSIDiskReq *r = opaque;
2913 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2914 return blk_aio_preadv(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2915}
2916
2917static
2918BlockAIOCB *scsi_dma_writev(int64_t offset, QEMUIOVector *iov,
2919 BlockCompletionFunc *cb, void *cb_opaque,
2920 void *opaque)
2921{
2922 SCSIDiskReq *r = opaque;
2923 SCSIDiskState *s = DO_UPCAST(SCSIDiskState, qdev, r->req.dev);
2924 return blk_aio_pwritev(s->qdev.conf.blk, offset, iov, 0, cb, cb_opaque);
2925}
2926
993935f3
PB		 2927static void scsi_disk_base_class_initfn(ObjectClass *klass, void *data)
2928{
2929 DeviceClass *dc = DEVICE_CLASS(klass);
fcaafb10 2930 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
993935f3
PB		 2931
2932 dc->fw_name = "disk";
2933 dc->reset = scsi_disk_reset;
fcaafb10
PB		 2934 sdc->dma_readv = scsi_dma_readv;
2935 sdc->dma_writev = scsi_dma_writev;
94f8ba11 2936 sdc->need_fua_emulation = scsi_is_cmd_fua;
993935f3
PB		 2937}
2938
2939static const TypeInfo scsi_disk_base_info = {
2940 .name = TYPE_SCSI_DISK_BASE,
2941 .parent = TYPE_SCSI_DEVICE,
2942 .class_init = scsi_disk_base_class_initfn,
2943 .instance_size = sizeof(SCSIDiskState),
fcaafb10 2944 .class_size = sizeof(SCSIDiskClass),
6214a11a 2945 .abstract = true,
993935f3
PB		 2946};
2947
353815aa
DF		 2948#define DEFINE_SCSI_DISK_PROPERTIES() \
2949 DEFINE_BLOCK_PROPERTIES(SCSIDiskState, qdev.conf), \
8c398252 2950 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
353815aa
DF		 2951 DEFINE_PROP_STRING("ver", SCSIDiskState, version), \
2952 DEFINE_PROP_STRING("serial", SCSIDiskState, serial), \
2953 DEFINE_PROP_STRING("vendor", SCSIDiskState, vendor), \
2954 DEFINE_PROP_STRING("product", SCSIDiskState, product)
b443ae67 2955
39bffca2
AL		 2956static Property scsi_hd_properties[] = {
2957 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 2958 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
2959 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 2960 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
2961 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 2962 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
2963 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 2964 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 2965 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
2966 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 2967 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
2968 DEFAULT_MAX_IO_SIZE),
070f8009 2969 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
2343be0d
PB		 2970 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
2971 5),
d252df48 2972 DEFINE_BLOCK_CHS_PROPERTIES(SCSIDiskState, qdev.conf),
39bffca2
AL		 2973 DEFINE_PROP_END_OF_LIST(),
2974};
2975
43b978b9
PB		 2976static const VMStateDescription vmstate_scsi_disk_state = {
2977 .name = "scsi-disk",
2978 .version_id = 1,
2979 .minimum_version_id = 1,
43b978b9
PB		 2980 .fields = (VMStateField[]) {
2981 VMSTATE_SCSI_DEVICE(qdev, SCSIDiskState),
2982 VMSTATE_BOOL(media_changed, SCSIDiskState),
2983 VMSTATE_BOOL(media_event, SCSIDiskState),
2984 VMSTATE_BOOL(eject_request, SCSIDiskState),
2985 VMSTATE_BOOL(tray_open, SCSIDiskState),
2986 VMSTATE_BOOL(tray_locked, SCSIDiskState),
2987 VMSTATE_END_OF_LIST()
2988 }
2989};
2990
b9eea3e6
AL		 2991static void scsi_hd_class_initfn(ObjectClass *klass, void *data)
2992{
39bffca2 2993 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 2994 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
2995
a818a4b6 2996 sc->realize = scsi_hd_realize;
b9eea3e6
AL		 2997 sc->alloc_req = scsi_new_request;
2998 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 2999 dc->desc = "virtual SCSI disk";
39bffca2 3000 dc->props = scsi_hd_properties;
43b978b9 3001 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3002}
3003
8c43a6f0 3004static const TypeInfo scsi_hd_info = {
39bffca2 3005 .name = "scsi-hd",
993935f3 3006 .parent = TYPE_SCSI_DISK_BASE,
39bffca2
AL		 3007 .class_init = scsi_hd_class_initfn,
3008};
3009
3010static Property scsi_cd_properties[] = {
3011 DEFINE_SCSI_DISK_PROPERTIES(),
2ecab408
PB		 3012 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3013 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 3014 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
f8e1f533
PB		 3015 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3016 DEFAULT_MAX_IO_SIZE),
2343be0d
PB		 3017 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3018 5),
39bffca2 3019 DEFINE_PROP_END_OF_LIST(),
b9eea3e6
AL		 3020};
3021
3022static void scsi_cd_class_initfn(ObjectClass *klass, void *data)
3023{
39bffca2 3024 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3025 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3026
a818a4b6 3027 sc->realize = scsi_cd_realize;
b9eea3e6
AL		 3028 sc->alloc_req = scsi_new_request;
3029 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2 3030 dc->desc = "virtual SCSI CD-ROM";
39bffca2 3031 dc->props = scsi_cd_properties;
43b978b9 3032 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3033}
3034
8c43a6f0 3035static const TypeInfo scsi_cd_info = {
39bffca2 3036 .name = "scsi-cd",
993935f3 3037 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3038 .class_init = scsi_cd_class_initfn,
b9eea3e6
AL		 3039};
3040
336a6915 3041#ifdef __linux__
39bffca2 3042static Property scsi_block_properties[] = {
14b20748 3043 DEFINE_BLOCK_ERROR_PROPERTIES(SCSIDiskState, qdev.conf), \
4be74634 3044 DEFINE_PROP_DRIVE("drive", SCSIDiskState, qdev.conf.blk),
07488549 3045 DEFINE_PROP_BOOL("share-rw", SCSIDiskState, qdev.conf.share_rw, false),
070f8009 3046 DEFINE_PROP_UINT16("rotation_rate", SCSIDiskState, rotation_rate, 0),
0a96ca24
DHB		 3047 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3048 DEFAULT_MAX_UNMAP_SIZE),
3049 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3050 DEFAULT_MAX_IO_SIZE),
2343be0d 3051 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
29e560f0 3052 -1),
39bffca2
AL		 3053 DEFINE_PROP_END_OF_LIST(),
3054};
3055
b9eea3e6
AL		 3056static void scsi_block_class_initfn(ObjectClass *klass, void *data)
3057{
39bffca2 3058 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6 3059 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
8fdc7839 3060 SCSIDiskClass *sdc = SCSI_DISK_BASE_CLASS(klass);
b9eea3e6 3061
a818a4b6 3062 sc->realize = scsi_block_realize;
b9eea3e6 3063 sc->alloc_req = scsi_block_new_request;
3e7e180a 3064 sc->parse_cdb = scsi_block_parse_cdb;
8fdc7839
PB		 3065 sdc->dma_readv = scsi_block_dma_readv;
3066 sdc->dma_writev = scsi_block_dma_writev;
3067 sdc->need_fua_emulation = scsi_block_no_fua;
39bffca2 3068 dc->desc = "SCSI block device passthrough";
39bffca2 3069 dc->props = scsi_block_properties;
43b978b9 3070 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3071}
3072
8c43a6f0 3073static const TypeInfo scsi_block_info = {
39bffca2 3074 .name = "scsi-block",
993935f3 3075 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3076 .class_init = scsi_block_class_initfn,
b9eea3e6 3077};
336a6915 3078#endif
b9eea3e6 3079
39bffca2
AL		 3080static Property scsi_disk_properties[] = {
3081 DEFINE_SCSI_DISK_PROPERTIES(),
bfe3d7ac
PB		 3082 DEFINE_PROP_BIT("removable", SCSIDiskState, features,
3083 SCSI_DISK_F_REMOVABLE, false),
da8365db
PB		 3084 DEFINE_PROP_BIT("dpofua", SCSIDiskState, features,
3085 SCSI_DISK_F_DPOFUA, false),
2ecab408
PB		 3086 DEFINE_PROP_UINT64("wwn", SCSIDiskState, qdev.wwn, 0),
3087 DEFINE_PROP_UINT64("port_wwn", SCSIDiskState, qdev.port_wwn, 0),
64cc2284 3088 DEFINE_PROP_UINT16("port_index", SCSIDiskState, port_index, 0),
8a1bd297
PB		 3089 DEFINE_PROP_UINT64("max_unmap_size", SCSIDiskState, max_unmap_size,
3090 DEFAULT_MAX_UNMAP_SIZE),
f8e1f533
PB		 3091 DEFINE_PROP_UINT64("max_io_size", SCSIDiskState, max_io_size,
3092 DEFAULT_MAX_IO_SIZE),
2343be0d
PB		 3093 DEFINE_PROP_INT32("scsi_version", SCSIDiskState, qdev.default_scsi_version,
3094 5),
39bffca2
AL		 3095 DEFINE_PROP_END_OF_LIST(),
3096};
3097
b9eea3e6
AL		 3098static void scsi_disk_class_initfn(ObjectClass *klass, void *data)
3099{
39bffca2 3100 DeviceClass *dc = DEVICE_CLASS(klass);
b9eea3e6
AL		 3101 SCSIDeviceClass *sc = SCSI_DEVICE_CLASS(klass);
3102
a818a4b6 3103 sc->realize = scsi_disk_realize;
b9eea3e6
AL		 3104 sc->alloc_req = scsi_new_request;
3105 sc->unit_attention_reported = scsi_disk_unit_attention_reported;
39bffca2
AL		 3106 dc->fw_name = "disk";
3107 dc->desc = "virtual SCSI disk or CD-ROM (legacy)";
3108 dc->reset = scsi_disk_reset;
3109 dc->props = scsi_disk_properties;
43b978b9 3110 dc->vmsd = &vmstate_scsi_disk_state;
b9eea3e6
AL		 3111}
3112
8c43a6f0 3113static const TypeInfo scsi_disk_info = {
39bffca2 3114 .name = "scsi-disk",
993935f3 3115 .parent = TYPE_SCSI_DISK_BASE,
39bffca2 3116 .class_init = scsi_disk_class_initfn,
d52affa7
GH		 3117};
3118
83f7d43a 3119static void scsi_disk_register_types(void)
d52affa7 3120{
993935f3 3121 type_register_static(&scsi_disk_base_info);
39bffca2
AL		 3122 type_register_static(&scsi_hd_info);
3123 type_register_static(&scsi_cd_info);
b9eea3e6 3124#ifdef __linux__
39bffca2 3125 type_register_static(&scsi_block_info);
b9eea3e6 3126#endif
39bffca2 3127 type_register_static(&scsi_disk_info);
8ccc2ace 3128}
83f7d43a
AF		 3129
3130type_init(scsi_disk_register_types)
Empty description
This page took 1.560893 seconds and 4 git commands to generate.